Avoid like the plague! Getting rid of malware! Testimonials Make A Payment
The man who trades freedom for security does not deserve nor will he ever receive either. - Benjamin Franklin
Most UK residents will have heard about Jacqui Smith's proposal to create an Uberdatabase by now. This would mandate all UK data handlers retain all connections data for 6 years and provide instantaneous access and tapping facilities for government agencies. It should be noted that this will NOT be a database of content as such, just EVERYTHING else with an option of monitoring you live if so desired. In essence they would be making your technology providers keep records of everywhere you go (both physically and virtually) and everyone you have any contact with, just in case any government agency 'needs' it.
So, paraphrasing imbeciles nationwide - "If you've got nothing to hide what have you got to be worried about?"
Well quite a lot really but you can boil it down to 3 main categories of objection...
1) Slippery Slope / Tip of the iceberg
There was of course no way of knowing whether you were being watched at any given moment. How often, or on what system, the Thought Police plugged in on any individual wire was guesswork. It was even conceivable that they watched everybody all the time. But at any rate they could plug in your wire whenever they wanted to. You had to live -- did live, from habit that became instinct -- in the assumption that every sound you made was overheard, and, except in darkness, every movement scrutinized. - George Orwell 1984
I've got a great idea! How about we install CCTV in every room of every building in the country? It would definitely cut crime so if you've nothing to hide how could you object? The fact is that all crime could be eliminated given harsh enough measures but there persists a deeply ignorant attitude amongst people - Daily Mail readers in particular - who contend that because a crime can be prevented it must be prevented. Clearly any sane person - and here I expressly exclude Daily Mail readers - must concede that people have some right to privacy and that this right must be balanced against others right to live in peace and not have crime committed against them.
Here's a question, how much do you trust the current government? Here's another, how much do you trust the government in 25 years time? Or even 50 years time? How much do you trust the foreign governments we will inevitably end up sharing 'our data' with? Establishing a precedent where the government has the right to know exactly where you are, what you are doing and who you are doing it in the company of may be defensible if and only if the government and its delegates (or "partners" as they now prefer to be called) are of utterly unimpeachable moral character and moderatley competent at administering such systems. Are they? Will they be in your grandchildren's generation? Think how useful this system could be to an even marginally corrupt regime. Think of how having the use of such a system at hand might lead the borderline corrupt over the edge.
There are no limits to the Police's rent seeking behaviour. The police and the secret service regularly claim to need new power ABC to fight problem XYZ, surely they know best so why should we deny it to them? The police and the secret service ALWAYS want more powers, why wouldn't they? You will never hear them say "actually we think we have a bit too much power now please take some away from us" and the entire country would be gobsmacked if they ever did. Law enforcers have a well known tendency to sink into corruption if not carefully managed, it's a phenomenon you can see all over the world, the subject of countless books and documentaries. All thinking people must agree there needs to be some limitation on police power and those limits ought to be based on facts rather than plain emotion. Anyone who reads the papers or watches the news could be forgiven for assuming crime is perpetually on the rise in Britain when, by most meaningful measures, it has been falling since the tories left office in the late 90s. This would suggest that the scope of powers the police already have are quite adequate, although naturally the police themselves would disagree.
So although it's current remit may be to combat the most serious tiers of crime once this data stockpiling and tapping system is established the pressure will be there to use it for policing lower tiers and more trivial crime. We have seen numerous examples of this in recent years with the flagrant misuse of anti-terror legislation and massive misuse of this schemes cousin RIPA. On top of this there will be growing pressure to use it in civil law, commercial fields and, no doubt, extend the retention period above 6 years.
There are other serious considerations too. There's the risk of lazy database policing becoming the norm. There's the danger of guilt by association and unwarranted targeting of innocents in a world when we're only 6 handshakes away from pretty much anyone. Databases all contain innacuracies and cross querying and data mining them can compound these innacuracies, the police's own databases being notoriously innacurate. The false positives, borderline cases and spurious associations that result from these innacuracies risk further alienating already disaffected people and groups thereby aggravating radicalism. Doubtless there are more, this being only the tip of the iceberg.
2) Data Security
Securing an environment of Windows platforms from abuse - external or internal - is akin to trying to install sprinklers in a fireworks factory where smoking on the job is permitted. - Gene Spafford
The systems we already have are regularly abused and we have no reason to expect this one will be any more secure. Private investigators (many of them ex cops and all unregulated in the UK) can often get you access to someone's police file for a price. Some call center employees collect and sell peoples credit card details. From time to time even the police themselves get caught abusing their own databases. Meanwhile UK.GOV has shown itself to be a lamentable steward of data that ought to be very tightly guarded: leaving it on trains, losing it in the post, selling unwiped computers on ebay etc. Of course the very nature of data makes its security a very hard problem to solve: enormous companies with huge budgets for IT security are regularly found to be leaking vast quantities of other peoples data sometimes with the help of insiders but often without. Thankfully the seriousness of these security breaches is often limited as most institutions only keep a limited range of data for a limited length of time.
Computer security is a very difficult thing to do well. Microsoft, with their 90,000 employees and 8 years of regular updates and patching STILL find security holes in Windows XP on an almost weekly basis. The Royal Navy is still fighting a virus outbreak that has infected 90% of its warships and submarines (as of March 2009). Our government has famously plowed 100s of billions of pounds into failed IT schemes over the years. How can we seriously expect them to make this far more ambitious one work and make it passably secure too? Answer: we can't. it's just not possible on the budget and time scale they have laid down. It is conceivable that a decade late and 5 times over budget they may eventually get it "working" but it's got a snowball in hells chance of being secure and. Trying to keep your sensitive data in it would be like trying to catch water in a sieve, and for what? To catch a few more fly-tippers? If they're lucky another shoe bomber?
Of course over-zealous council employees are not the only ones who might find such a system useful. Let's ask ourselves who else might be interested in a huge consolidated mass of people's personal data or a mechanism to tap their communications at will. I'm just going to toss off the first few that spring to mind.
- Blackmailers
- Foreign governments
- Foreign business
- Mafia / Crime Syndicates
- Stalkers
- Terrorists
- ID thieves
- IP thieves
- Press
- Private Investigators
- Hackers
3) It will be utterly ineffective for it's stated purpose.
The trouble with fighting for human freedom is that one spends most of one's time defending scoundrels. For it is against scoundrels that oppressive laws are first aimed, and oppression must be stopped at the beginning if it is to be stopped at all. - H. L. Mencken
OK, everyone can agree it will cost several billion pounds of everyone's money and although I'm sure the UK's large IT companies are falling over themselves to assure Jacqui that they can bring it in on time and under budget it will surprise no-one when it rolls up late, buggy and costs 3 times more than originally agreed. This hurts but it is the everyday hurt of massive government wastage on abortive IT projects we've all got used to over the years. What really hurts is that even after all this spending it will still utterly fail to meet it's stated public purpose, that of preventing serious crime and terrorism.
People who are planning on carrying out major crimes have a lot at stake and so you can assume they are going to go about it very carefully. Idiot criminals and terrorists get themselves caught already: they fail to set fire to their shoe, they buy 200 cans of castor beans or a set of bolt cutters with their debit card, their backpack just fizzes and drips etc etc. I warrant these are not the people we really need to worry about. The people you DO need to worry about - the type who might have the nous to actually hijack a plane or blow up a bus - are the type who this system will not help us catch. Why? Because this system can be TRIVIALLY avoided.
The Madrid train bombers (being smart enough to realize that government can already tap everyone's email and phones and have been able to for many years) communicated by all logging in to the same google account and leaving messages for each other in the 'drafts' folder. Hardly fucking rocket science you will agree! This system would not even catch those guys, the best it would do is identify them all as users of... er... Google. In reality there are almost unlimited ways a thoughtful person could use the internet for illicit and effectively anonymous communication. Configuring computers to leave no evidence and route communications anonymously is no longer the province of government spooks and elite hackers. Not only is the stuff to do this 100% legal and freely available to the public it is really easy to use. Even if the authorities were able to detect, trace and target someone via this system perfectly legal off the shelf encryption can render the tapping aspect of this scheme completely useless. This technology is so easy and ubiquitous the chances of any serious criminals NOT using it are ZERO and so the only people this system will catch are the incompetents and minnows we'd probably catch anyway. In the meantime we will have created an unrecedentedly large leaky personal data silo and surveillance system that many a criminal would kill to get into. Want to know the movements of the secretary of state for northern ireland? - hack the silo, need an new identity to cover up your misdeeds? - hack the silo, want to dig up some dirt to blackmail a detective at the Met? - hack the silo.
Of course, even for criminals who don't have the rather basic level of IT savvy needed to use the systems above this system is still trivially bypassed by - wait for it - not using phones and computers! The paranoid serious criminal always has recourse to the more traditional methods of plotting such as meeting in person, limiting who knows what, using dead letter drops etc. If the government's new 300 Billion pound database system records everywhere you go at all times via your mobile phone then just leave it at home. Better still send your accomplice an e-mail inviting them to a picnic and get them to take both your phones for a walk round the park while you go pick up the semtex and return hours later to a decent alibi.
At the end of the day overall crime in the UK is stable if not falling and we are suffering less terrorism than we have in decades. Ironically two areas that are bucking this trend and growing at an alarming rate are computer crime and ID theft. Our governments brilliant new idea: divert mind boggling amounts of cash away from schools, hospitals and the street level policing of violent crime to build an enormous, unprecedentedly invasive database and tapping system that can't be meaningfully secured and won't catch any really serious criminals and could quite conceivably endanger us further. Thanks guys, be seeing you - at the election.Roger Heathcote, 2009