Slashdot Mirror
UK Law Enforcement Is Against "3-Strikes"
Now that the UK is discussing plans for some form of 3-strikes regime to discourage file-sharing, TechDirt reports that the fans of due process have picked up unlikely allies: the law enforcement and spying establishments fear that a 3-strikes policy would result in far more encryption on the Net, greatly complicating their jobs. "Of course, they're not as concerned about due process and civil rights, as they are about making it more difficult to track down criminals online: 'Law enforcement groups, which include the Serious and Organized Crime Agency and the Metropolitan Police's e-crime unit, believe that more encryption will increase the costs and workload for those attempting to monitor internet traffic. ... A source involved in drafting the Bill said that the intelligence agencies, MI5 and MI6, had also voiced concerns about disconnection. "The spooks hate it," the source said.'" The Times (UK) Online has more details.
Never really understood this "3 strikes and you're out" theory. Law enforcement is too complex to be modelled after the rules of a US sports game. Can somebody explain how this idiotic idea came about, the thinking behind it?
What next? You don't go to jail if you say "Simon says" before committing an offence? Police can't arrest you if you're not touching the ground when they catch up with you?
LP098 5B6FR
Dave Barnes 9 breweries within walking distance of my house
They are not concerned for what is good for the people. They don't want the law solely because they are afraid that it will lead to citizens making use of encryption that makes it harder for them to snoop. Pure selfish interest.
Sigs are too short to say anything truly profound so read the above post instead.
IIRC, you are required to turn over keys if asked by the government in the UK, jail time if you don't.
If they're currently trying to figure out who to ask keys from, if everyone does it, workload on figuring out what is malicious and requires them to ask everyone or figure out some way to narrow it down.
Encryption requires the extra step of going to the hardware store and buying a $5 wrench.
Reading code is like reading the dictionary - you have to read half of it before you can go back and understand it.
I'd hazard a guess that the real issue these agencies have is about increased use of anonymous communication networks such as Tor rather than just "encryption" of the content. It's almost a given that widespread adoption of Tor will have two important effects: (1) there will be larger numbers of relay or exit nodes in the network - at present it is suspected that intelligence agencies control a large number of the exit nodes (and possibly relay nodes too) in the network; and (2) greater traffic through the network will make it significantly harder to perform timing attacks on entry and exit from the mix network to correlate traffic and thus break its anonymity.
Sure, it makes sense. Make it such a PR issue that everyone and their grandmother is concerned with security so that they use Tor. It's simply an arms race.
If commerical encryption were truly unbreakable by these groups, then I'd assume that they would have outlawed their use by now.
They pretty much have. In the UK you are legally obligated to give up your keys if required.
Of course, then comes the question of how they're going to determine if the keys were the real keys... or just to the first layer... or just to the first and second layer... or...
The intelligence agencies would do well to object quite a lot; we still haven't the final mass migration to rubber hose protected encryption and f2f darknets, but it's well on the way. If three-strikes regulation becomes popular, then most of the internet will become pretty opaque to any form of snooping, and any real threats will happily tag along on the mass of ordinary citizens just out to protect their privacy from whatever lobbyist it tugging at the puppet strings of the politicians for the moment.
Military Intelligence Division 5 and Divsion 6, I believe. MI5 is the UK's version of the FBI, while MI-6 is the UK's version of the CIA. If you listen to bond carefully, you'll usually hear some references to MI6.
Degaussing scares the bad magnetism out of the monitor and fills it with good karma.
Encryption simply forces them to tap your keyboard, and the costs of that are much higher than the costs of running Wireshark on a router somewhere.
Not only that, but it usually requires a much more involved process of those troublesome warrents and all to get actual wire-tepping done (usually, not always). Curse that due process!
Let's not be too disparaging here, the police sometimes have legitamte interests in information gathering, there really are some people who need to be taken down. It is not their job to just protect our rights politically, that's our job and the job of the politicians (who epically fail in internet law). It is their job to protect our rights in life, but not to lobby for it in law-making; so they serve their own interests here, but they do so legitimatly (refering to other posts, not yours here). At least it does point out one of the social problems of treating practitioners internet freedoms as common criminals... it makes real criminals easily lost in the system.
DISCLAIMER: I am very rarely serious. If the above comment seems asinine makes no sense, it is most likely a bad joke.
To be fair the "UK law enforcement and intelligence services" should not be commenting on due process and civil rights, other than to confirm that they uphold them. It is their job to track criminals, it is our job to dictate the rules they must follow in doing so.
It's not really fair to apportion them with blame for the laziness, apathy and short-sightedness of voters and their elected officials. They're probably even more surprised than we are when their more outlandish proposals actually get approved.
Although, to be precise, the MI6 is nowadays called Secret Intelligence Service (SIS) and in contrast to the FBI, the MI5 does not have police-like powers like arresting etc.
This simplistic and damaging law-making gets traction because of the people who are overly punitive.
That trait of excessive eagerness to punish is often coupled with these other traits:
Authoritarian Personality WP article
"The Authoritarians" paper
I like this. In reality, properly-implemented encryption will completely prevent even the most well-funded government agency from monitoring your Internet traffic. But Police and Three Letter Agencies would never admit as much in a press release. Instead, encryption just "increases their costs and workload." Feh.
I think one of the reasons that the average person doesn't care enough about encryption to use it is because they have no idea how effective it is.