Slashdot Mirror
Plans For Widespread Monitoring of Communication In Europe Revealed
TrueSatan writes "A leak from the Clean IT project reveals how it has been subverted from its original, much more innocuous, goals into a surveillance horror story with democratic freedoms and personal rights being the victims."
The leaked document in question. Gems include member states repealing anti-filtering laws and a mandate that ISPs be held liable for not reporting terrorist use of their networks. The Clean IT Project counters that there's nothing to see here (amazingly, through a series of tweets with a journalist).
Are consultants and hardware manufacturers. The government has no idea what to do with this information, and its going to spend an enormous amount of money for what will end up being a data vault that is locked away because its too big of a failure to admit they were wrong in the first place to attempt this.
The next step is to ban it. Do not wait until it is too late to show your disagreement.
The Wise adapts himself to the world. The Fool adapts the world to himself. Therefore, all progress depends on the Fool.
How could anyone meaningfully ban encryption? First of all, financial security is built on top of encryption algorithms. Second of all, they're algorithms. I would be like trying to ban F=MA.
The world's burning. Moped Jesus spotted on I50. Details at 11.
Then they don't "meaningfully" ban encryption. They just use it as an excuse to harass, arrest, and interrogate people they don't like.
I made a real try at reading the doc in a dispassionate, scholarly fashion, but couldn't make it past page ten: I kept seeing in mind's eye the substitution of other words for "terrorist," leading to "anybody we don't like" and ending with "everyone except us." Knowing that this and the many similar plans would have been a Stasi wet-dream didn't help.
No, it would be more like you are guilty of whatever they are accusing you of BECAUSE you used encryption. Why would you encrypt it in the first place if you didn't have something to hide?
This is a sig. This is only a sig. Had this been an actual sig you would have been informed where to tune for more sigs.
They can still track who you talk to, who your friends are, what websites you visit, who you call (assuming your calls encrypted, if not what you talk).
Encryption hardly solves the problem.
An article from March 19, 2012 shows that The Ban On Encryption is already a Work In Progress.
Visit CryptoGnome in his home.
The various groups such as the police, moral majorities, or whomever will keep badgering the politicians for these types of laws to "protect the children" or "protect our rights" but in reality these laws are all of the type: music leads to dancing which leads to the unspeakable. The only thing to finally put a stop to them is to enshrine privacy rights in whatever constitutions, bills of rights or whatever structure has the final common sense say in any modern legal system. A well written code should last for decades as it should not be technology specific just information specific. It should spell out what data the government can gather without a warrant. It should also spell out that corporations can only gather the information required for billing customers who have agreed to be billed. Any other information gathering should be a civil rights violation. So if the police record license plates as you drive by then boom they are busted. Or if we get some cool medical implants that record stuff and the hospital gathers it and passes it on to a drug company or insurance company then busted.
Personally I would even like to see my grocery store stopped from gathering my shopping habits. Basically tally my total charge me and then forget that I was there. I want it so that the police aren't even allowed to ask for data from a company's computer unless they have a warrant. Not even a peek.
If these things aren't stopped now then the new normal will be a government and corporations who will be able to know way too much about you. A grocery store that pulls up your phone IMEI and asks the phone company who you are. Then asks to see what sites you have been surfing to see what they can sell you. What is stopping the phone company and your ISP from selling this data?
I can see a 13 year old boy called into the principal's office and expelled because of the "disgusting" sites they were surfing at home the night before. If the ISP were owned by some bible thumper what law is stopping them from handing this data to anyone? Right now as long as you put it into the terms of service where we all blindly click "I agree" the company should be pretty safe. Also those terms of service almost always blah blah about sharing with 3rd parties.
My guess as to the main reason that this isn't done more is that most people don't have the skills to properly mix and match such different data sets. Plus some companies might be reluctant to really piss of their customers. But when any of these companies are on the ropes financially they will make any deal with any devil that comes along.
Well the way things are going in the EU it doesn't seem likely it will be around in 10 or 12 years time. They are already breaking up in terms of monetary union. Besides which, every story like this attracts a whole flurry of comments like "OMG the government is gonna be watching us - time to go live on the moon" I dont see what is wrong with trying to stop people accessing information which is clearly only there to either assist in weapons making or to provide resources for people who want to cause widespead terror. What is more frightening is the demands the British government are seeking to put on Wikipedia regarding the monitoring and blocking of certain web pages to british citizens http://www.publictechnology.net/news/wikipedia-boss-wont-support-technologically-incompetent-uk-govt-web-plan/37139 The Home Office has admitted it cannot force foreign companies like Google and Facebook to hand over sensitive personal data and is relying on people like Wales to agree to do so voluntarily. Elsewhere World Wide Web creator Tim Berners-Lee also weighed in against the bill. "In Britain, like in the US, there has been a series of Bills that would give government very strong powers to, for example, collect data. I am worried about that," he told The Times. "If the UK introduces draconian legislation that allows the Government to block websites or to snoop on people, which decreases privacy, in future indexes they may find themselves further down the list."
If they hated us for our freedoms, we must be pretty well liked by now.
Gosh darn it! There goes my fantasy that Europe is better than the US.
Such logic is already in use in the United States where people are arrested for supposed crimes and their unwillingness to hand over the passwords to their encrypted hard drives is used as prime evidence that they have something to hide.
It's a wonderful Catch-22 they have pretty much everyone in. Protect your personal information from the bad guys and then they use the fact that you are using such protection to say that you must be involved in something illegal, otherwise why would you be encrypting your information.
As long as they can keep using this as a tactic to arrest and detain people without real cause other than the encrypting of personal information, they will not make such encryption against the law.
I've just found a 'radicalizing' document, clearly a piece of propaganda designed to convince me that Europe is a surveillance state run by some mixture of terrified ninnies and cynical grifters! But I can't find the reporting button to alert the proper authorities and have it taken down, what do I do?
The wrong people are already in charge. EU Commission is appointed, not elected, They don't take their direction from EU voters, they take their direction, mostly it seems from non-EU governments and lobbyists. ACTA was the rule not the exception.
I'm amazed they're using terrorism, the copyright lobbyists suggested CP as their primary weapon. Give us copyright filtering or you diddle kiddies:
See this article:
http://boingboing.net/2010/04/28/music-industry-spoke.html
"Child pornography is great," the speaker at the podium declared enthusiastically. "It is great because politicians understand child pornography. By playing that card, we can get them to act, and start blocking sites. And once they have done that, we can get them to start blocking file sharing sites".
The venue was a seminar organized by the American Chamber of Commerce in Stockholm on May 27, 2007, under the title "Sweden -- A Safe Haven for Pirates?". The speaker was Johan Schlüter from the Danish Anti-Piracy Group, a lobby organization for the music and film industry associations, like IFPI and others...
"One day we will have a giant filter that we develop in close cooperation with IFPI and MPA. We continuously monitor the child porn on the net, to show the politicians that filtering works. Child porn is an issue they understand," Johan Schlüter said with a grin, his whole being radiating pride and enthusiasm from the podium.
I find it ironic that the states who want to fine Google for Street View and recording stray broadcasts are preparing to DPI the entire internet.
Yes, I said "ironic." Come at me, pedants.
DATABASE WOW WOW
You should read about onion routing. Tor is one solution to this problem. It makes it impossible for outside parties to know with whom you communicated. The US Navy thought it would be a cool thing to aid dissenters in oppressive third world countries, not realizing it would also aid dissenters in oppressive first world countries.
http://en.wikipedia.org/wiki/Tor_(anonymity_network)
You mean, just like it is in France? Where using encryption to encode your mail is considered criminal?????
Onion routing and similar by the big dogs relies on there being lots of other users of such systems. If only a few Western government sponsored spies were using a Tor-like system in a place such as Iran, then the local authorities would be willing to devote a lot of their resources to trying to catch those few people. Devoting those same sort of resources to catching 10,000 people who turn out to be just trying to get locally illegal porn or pirate music to maybe get one spy OTOH is terribly wasteful. The Iranian government does not want to spend that many resources on prosecuting very minor crimes by the thousands or even millions just to get an occasional real spy, just like the United States would not want to conduct house to house searches of the entirity of New York City to catch one bank robber, or set up constantly relocating roadside stops every five miles all over every interstate highway and stop all commercial truck traffic, just to nab the occasional drunk.
The problem here is, the Intelligence agencies that developed Onion routing knew there had to be a lot of trivially illegal, semi-legal and fully legal traffic to hide their uses, and in some cases, they actually spread information to aid that civilian development (as in your example of the US Navy). So, either laws against these systems will not pass because the government people proposing them will be called aside to explain why they shouldn't, or the laws will pass, but all the international Intelligence players will know those countries that passed them have switched to something else and hope to make it harder for the lagging countries to continue to use these methods by encouraging international adoption. Put more simply, if a law against onion routing software was actually passed in the US, it would prove the CIA, etc. were no longer relying on onion routing software, and everybody else's intelligence depts. would know this. But frequently proposing such laws only to have them come to nothing, leaves other people's agencies wondering just what the hell they are dealing with.
Who is John Cabal?
The problem with that here in the USA is that people are completely clueless about their rights. The Fifth Amendment is there to protect the innocent from over zealous prosecution. The second someone on a jury buys the "why use it if you have nothing to hide" argument, they've essentially bought into the defendant being guilty and needing to prove innocence. Unfortunately, most of them can't think a thought deeper than the last 30 second commercial they saw, so good luck getting them to comprehend something with that level of importance.
WWJD?
JWRTFM!
Some day I am going to have to explain to my son how we managed to defeat a genocidal megalomaniac bend on world domination, narrowly avoid nuclear annihilation, and rebuild an entire continent in the 20th Century, but that in the 21st Century somehow pirates and terrorists are the biggest threat to Western Civilization. But my biggest fear is that he is growing up in a world where the bar for personal privacy, security, and liberty has been set alarmingly low.
Those of us who experienced privacy in the pre-WWW, pre-datamining era--the before time, the long-long-ago--still have a viscerally negative reaction when we learn about how Company X is collecting information on us in some new-and-intrusive way. Even when it's to protect us from pirates and terrorists, we at least object to it even though we have, thus far, just rolled over, muttering under our breath as a glorified hall monitor looks at pictures of our naked bodies before we are allowed to board an airplane. And we still get angry when we find out that a government is spying on us and listening in to our conversations--digitally encoded or otherwise.
People born after 2000 will have no memory of a smart-phone-free world by the time they are of voting age. They won't find it unsettling that you have to enter a credit card number before you can log into your iThing or that their toaster needs to know their birth date. Let's just hope that the elderly continue to have a disproportionate influence in electoral politics--at least until I die.
Actually, I wrote my thesis on life experience.
Too true. I call the it the homo almost-sapiens phenomenon. It's an amazing idea; two species capable of interbreeding, homo sapiens and homo almost-sapiens, but one not quite a thinking man and, unfortunately, these are the ones in the majority.
Pirate Party Switzerland (Pascal Gloor, who also posted a blog about the Berlin meeting, in french) Link to his blog post
It is legal to encrypt anything in France since 1996 for 128-bit symmetrical keys, and for any key since 2004. While the law was valid for a long time, I do not have knowledge of any prosecution on that basis.
You mean, just like it is in France? Where using encryption to encode your mail is considered criminal?????
Nice trolling: encryption is perfectly legal in France. The French chapter of the Free Software Foundation even took care of getting an official approval for encryption tools like GnuPG and OpenSSL. See http://fsffrance.org/dcssi/dcssi.fr.html#dossiers (link in French)
And for a governmental source, look at the ssi.gouv.fr website, specifically on:
http://www.ssi.gouv.fr/fr/reglementation-ssi/cryptologie/index.html (link in French)
first paragraph states:"Under article 30 of Law 2004-575 of June 21st, 2004 on confidence in the digital economy, the use of cryptology is free in France."
This.
Many people just don't seem to care. It's either too difficult to understand, or they think they can find technological workarounds.
Those who do understand the implications and who don't think workarounds are the solution should make as much noise as possible. I have nothing to hide, but that doesn't mean I want my government to listen to me all the time. It's none of their business.
If I want to sack Gordon Brown, I can vote for David Cameron, there is a clear choice which causes the change. ....' because you don't know whose standing and no party can tell you at national election time who they will vote for at the next EU opportunity.
If I want to sack Barosso that's not possible. The EU elections are out of sync with national elections, the candidates for the EU job aren't even known at voting time, let alone who would vote for whom. So it's not 'vote for Labour is a vote for Barosso, a vote for Cons is a vote for
So, IN NO WAY, can European voters choose even INDIRECTLY who will run the EU Commission.
2014 change will not fix this, it token change. A non choice choice.
The same way you meaningfully ban anything else - by arresting anyone who does it. "Check this box if you are living in a country that allows encryption" sounds like a joke to us, but in places where your traffic is already monitored, using encryption may well draw unfriendly attention from authorities. It's not like encrypted traffic is hard to recognize without taking other obfuscation measures.
(Even in many countries where encryption is allowed, a court can force you to surrender your key.)
> There is probably not even a need to limit or ban encryption, because in a sense the Internet is already heavily regulated and not what it used to be. Thanks to all kinds of NATs, packet filters, and "intelligent" routers, the times when you could just connect one computer to another one to transmit information are long gone. Nowadays, if you want to be sure that your message reaches the destination without using a central server (which can be surveilled, subpoenaed, put under draconian laws, etc.) you need to dig through miriads of obscure heuristic NAT traversal techniques and use all kinds of hacks like ICMP tunneling or whatever.
So basically what you're saying is: "traffic can be intercepted, therefore the government doesn't need to outlaw encryption." Surely you understand that the entire fucking point of encrypting a connection is to make intercepted data useless? Your argument makes no sense at all. With encryption, why worry about your traffic passing through the ominously named 'central server'?