A complete guide to the new ‘Crypto Wars’


Encryption is finally mainstream. Government officials and technologists have been debating since the early 1990s whether to limit the strength of encryption to help the law-enforcement and intelligence communities monitor suspects’ communications. But until early 2016, this was a mostly esoteric fight, relegated to academic conferences, security agencies’ C-suites, and the back rooms of Capitol Hill. Everything changed in mid-February, when President Barack Obama’s Justice Department, investigating the terrorists who carried out the San Bernardino, California, shooting, asked a federal judge to force Apple to help the Federal Bureau of Investigation unlock one attacker’s iPhone. What followed was an unexpectedly rancorous and unprecedentedly public fight over how far the government should go to pierce and degrade commercial security technology in its quest to protect Americans from terrorism.

Encryption Is Worldwide: Yet Another Reason Why a US Ban Makes No Sense


If a handful of lawmakers in the US and abroad have their way, encrypted communication would either be outlawed or come pre-fitted with government-friendly backdoors—insert your friendly government’s name here. There have been proposed bans in at least two states here, and now there’s a proposed federal ban on those state bans. Some of the smartest minds in cryptography have explained at length that backdoors are a bad idea because they make us all inherently less secure. But legislated backdoors make no sense for yet another reason: the criminals, terrorists, pedophiles and others whom governments hope to target would simply use encryption products made in countries that don’t require mandatory portals. A new worldwide survey of encryption products, compiled by noted cryptographer Bruce Schneier and colleagues Kathleen Seidel and Saranya Vijayakumar, shows just how rich the worldwide catalogue of encryption products is for anyone seeking alternatives.

How Surveillance Inhibits Freedom of Expression

In my book Data and Goliath, I write about the value of
privacy. I talk about how it is essential for political liberty and
justice, and for commercial fairness and equality. I talk about how it
increases personal freedom and individual autonomy, and how the lack of
it makes us all less secure. But this is probably the most important
argument as to why society as a whole must protect privacy: it allows
society to progress.

Encryption is Crucial to Privacy and Freedom

The aftermath of any major terrorist attack such as the recent tragedy in Paris appears to predictably include a call for new privacy-invasive policies that restrict freedom. After the attacks on 9/11, it was the passing of the USA PATRIOT Act; after the 2014 attack on Parliament Hill, it was the passing of Bill C-51. Throughout history, governments have always been a double-edged sword: We give them a monopoly on the use of force to protect us against the dystopian elements in our society, but in our constitutions, we have placed strong limits on the use of this force. We are now enjoying a bonanza in innovation in the area of information technologies. The associated prosperity has improved the lives of millions, and will continue to do so.

Why the TPP is a Canadian Digital Policy Failure

The official release of the Trans Pacific Partnership (TPP), a global trade agreement between 12 countries including Canada, the United States, and Japan, has sparked a heated public debate over the merits of the deal. Leading the opposition is Research in Motion founder Jim Balsillie, who has described the TPP as one of Canada’s worst-ever policy moves that could cost the country billions of dollars. My weekly technology law column (Toronto Star version, homepage version) notes that as Canadians assess the 6,000 page agreement, the implications for digital policies such as copyright and privacy should command considerable attention. On those fronts, the agreement appears to be a major failure. Canadian negotiators adopted a defensive strategy by seeking to maintain existing national laws and doing little to extend Canadian policies to other countries.

Mass Surveillance Isn’t the Answer to Terrorism

It’s a wretched yet predictable ritual after each new terrorist attack: Certain politicians and government officials waste no time exploiting the tragedy for their own ends. The remarks on Monday by John Brennan, the director of the Central Intelligence Agency, took that to a new and disgraceful low. Speaking less than three days after coordinated terrorist attacks in Paris killed 129 and injured hundreds more, Mr. Brennan complained about “a lot of hand-wringing over the government’s role in the effort to try to uncover these terrorists.”
What he calls “hand-wringing” was the sustained national outrage following the 2013 revelations by Edward Snowden, a former National Security Agency contractor, that the agency was using provisions of the Patriot Act to secretly collect information on millions of Americans’ phone records. In June, President Obama signed the USA Freedom Act, which ends bulk collection of domestic phone data by the government (but not the collection of other data, like emails and the content of Americans’ international phone calls) and requires the secretive Foreign Intelligence Surveillance Court to make its most significant rulings available to the public. These reforms are only a modest improvement on the Patriot Act, but the intelligence community saw them as a grave impediment to antiterror efforts.

Changes to Domain Name Rules Place User Privacy in Jeopardy


TG Storytime is a free community website for transgender authors, operated by Joe Six-Pack, himself a transgender author and publisher. If you look up the registration details of Joe’s domain tgstorytime.com using the WHOIS application, you get this result:
Registrant Name: Registration Private Registrant Organization: Domains By Proxy, LLC Registrant Street: DomainsByProxy.com Registrant Street: 14747 N Northsight Blvd Suite 111, PMB 309 Registrant City: Scottsdale Registrant State/Province: Arizona Registrant Postal Code: 85260 Registrant Country: United States Registrant Phone: +1.4806242599
Of course, these aren’t Joe’s actual contact details, since there are many reasons why Joe may not want those private details to be made freely available. Instead, Joe uses a proxy registration service that fulfils the rules of ICANN (the global domain name authority) that contact information be available for all domains, while keeping his actual details private. If anyone really needs to know Joe’s physical address or telephone number, they can apply for a court order or subpoena requiring his privacy service to disclose them. At least, that is how it works now.

Spies and internet giants are in the same business: surveillance. But we can stop them


On Tuesday, the European court of justice, Europe’s supreme court, lobbed a grenade into the cosy, quasi-monopolistic world of the giant American internet companies. It did so by declaring invalid a decision made by the European commission in 2000 that US companies complying with its “safe harbour privacy principles” would be allowed to transfer personal data from the EU to the US. This judgment may not strike you as a big deal. You may also think that it has nothing to do with you. Wrong on both counts, but to see why, some background might be useful.

Why Americans expect privacy: An open letter to FBI Director James Comey

Dear Director Comey:
There is no doubt there are bad people in this world. All one has to do is turn on the evening news or open a Web browser. Last week’s shocker was the beheading of Colleen Hufford in an Oklahoma food processing plant. This follows the worldwide news of the beheadings of James Foley, Steven Sotloff and David Haines by the radical Islamic State terrorist group. Of course, beheadings are only one form of deranged, twisted, and criminal behavior mankind is capable of.

Five Hard Encryption Questions


Over the past few weeks, I have been up to my neck in encryption. Usually, when a public policy issue consumes me like this, it’s because I have taken a strong position on it of one sort or another—one with which people disagree—and the result is a debate. In this case, I haven’t taken a strong position. Rather, I have struggled with a variety of ideas, trying to think my own way through to the right answer. Along the way, I have identified some questions in this debate that are, to my mind anyway, really hard.