Archive | War on Terror

Hot air from Washington on encryption (and a rather chaotic summit on extremism)

US president Barack Obama has been expected to present his policy on encryption for some time now. And, finally, he did. Kind of. Or not.

Ars Technica reports…

“I think the only concern is… our law enforcement is expected to stop every plot. Every attack. Any bomb on a plane. The first time that attack takes place, where it turns out we had a lead and couldn’t follow up on it, the public’s going to demand answers. This is a public conversation that we should be having,” Obama said in a Friday interview with Re/Code. “I lean probably further in the direction of strong encryption than some do inside law enforcement. But I am sympathetic to law enforcement, because I know the kind of pressure they’re under to keep us safe. And it’s not as black and white as it’s sometimes portrayed. Now, in fairness, I think those in favor of air tight encryption also want to be protected from terrorists.”

See the interview at Re/Code here. »

Another presidential quote…

“One of the interesting things about being in this job, is that it does give you a bird’s-eye view. You are smack dab in the middle of these tensions that exist. But, there are times where folks who see this through a civil liberties or privacy lens reject that there’s any tradeoffs involved. And, in fact, there are. And you’ve got to own the fact that it may be that we want to value privacy and civil liberties far more than we do the safety issues. But we can’t pretend that there are no tradeoffs whatsoever.”

The man is clearly stalling.

So what about the international security summit in Washington this week? Well, it seems to have changed in nature towards something more of a high level conference on extremism — to smooth over the fact that President Obama didn’t go to Paris after the terroris attacks. The BBC reports…

Still the planning seems a bit chaotic. Invitations to the summit went out to foreign embassies on 29 January, a State Department official told me.

At an event at the Atlantic Council in Washington on the following day, European officials said they still weren’t sure which minister would be appropriate to send to Washington.

Even those who are passionate about the goals of the summit – combating violent extremism – wonder about the optics – a term the Washington political class use to describe how an event is perceived.

In the end, it all boiled down to being a back drop for president Obama to deliver yet another very Kum Ba Yah speech.

The trip to Washington did however provide an opportunity for a plethora of meetings between EU and US politicians and security officials. Which is probably where all the interesting stuff went on. The stuff the general public is not supposed to know about — yet.

/ HAX

Links:
The Obama interview at Re/Code »
Ars Technica: Obama hedges position on encryption. It’s good. It’s bad. »
Slate: Tech Whiplash: Obama Endorses, Then Undermines, Encryption »
BBC: Extremism summit: Too little, too late, too chaotic? »
White House: Remarks by the President in Closing of the Summit on Countering Violent Extremism »
Breitbart: Extremists Attending Obama’s ‘Countering Extremism’ Summit »

0

European Parliament still standing up to PNR

Thursday and Friday this week there will be another EU summit, where national leaders will adress security issues. A European Passenger Name Registration (PNR) system will to be among the top subjects on the agenda — as this also is to be a priority topic at the Global Security Summit in the US next week.

But the European Parliament will not back down. The majority position seems to be that you should not retain personal data about all air passengers in the EU — only when it comes to “a smaller target list of suspects”.

Liberal MEP Sophie in’t Veld declares that “fundamental issues of trust surrounding data sharing needed to be addressed before provisions for collecting data are centralised”.

Read more: Parliament resists pressure on passenger data ahead of EU summit »

/ HAX

1

In two weeks time, world leaders may decide to undermine encryption

There are telltale signs that the US administration will move against encryption. The latest comes from Bob Litt, the General Counsel for the Office of the US Director of National Intelligence (ODNI).

In a speech this week he echoed the demand that government should be allowed access to all our information. Among other things, he touched on the idea of a magical golden key.

I’m not a cryptographer, but I am an optimist: I believe that if our businesses and academics put their mind to it, they will find a solution that does not compromise the integrity of encryption technology but that enables both encryption to protect privacy and decryption under lawful authority to protect national security.

Even if this is not a ban on encryption, it is very serious. Mike Masnick at  Techdirt explains…

I’m not sure how many times in how many different ways this needs to be explained, but what they’re asking for is a fantasy. You cannot put a backdoor in encryption and create a magic rule that says “only the government can use this in lawful situations.” That’s just not how it works. At all. The very idea of decryption by a third party “compromises the integrity of the encryption technology,” almost by definition.

But I’m not sure this will be considered as a valid argument by our ignorant politicians.

It would make little sense for the US to go for a “magical golden key” on its own. Likely other members of the NSA Five Eyes group (UK, Canada, Australia and New Zeeland) will do the same.

And the EU? Europe normally follows the US in these matters. There will be an Global Security Summit in Washington later this month. And there are reasons to believe that also politicians in most EU member states would like to give their authorities the ability to circumvent encryption.

As EU member state ministers for justice and home affairs made their last meeting (in Riga) an informal one, this topic might very well have been up for discussion. (But the public is not allowed to know exactly what went on.) This is exactly what you might expect — and exactly the kind of thing the Council would keep under wraps, to avoid debate and protests until it’s too late. And the timing is just right.

The way the world is right now (Ukraine, IS and potential monetary crises) it should be no problem for world leaders to package the whole thing as “emergency legislation”.

The European Parliament will object, no doubt. But it will be sidestepped. All EU member states have to do is to agree to make this national legislation in all (or most) member states.

As a matter of fact, the EU has no formal competence when it comes to national security matters. So it will have to be a multilateral arrangement.

All the European Parliament can do is to try to protect human and civil rights in a wider sense. But that will probably not go beyond a sharply formulated resolution.

The matter can be sent to the European Court of Justice (for breach of the EU Charter of Fundamental Rights) or the European Court of Human Rights (upholding the European Convention on Human Rights). But in both cases a court process may drag out for years.

In this matter, politicians can do almost as they want. And they will not fail to make use of current world events as an excuse. (Never waste a good crisis.) The only thing that might stop them is general outcry — on a massive scale.

Soon we will know. All eyes on the Global Security Summit in the US on February 18.

/ HAX

Techdirt: Intelligence Community’s Top Lawyer Endorses Desire For Unicorns, Leprechauns & Golden Keys That Don’t Undermine Encryption »

2

Riga Council meeting: EU to step up War on Terror

UK Prime Minister David Cameron as well as EU Counter-Terrorism Coordinator Gilles de Kerchove have floated the idea that governments should be able to access all our communications–including encrypted information.

This would not only have privacy implications. The practical effects and problems would be monumental.

A ban on encryption is only one of many ideas and suggestions that will be on the agenda at the EU justice and home affairs ministers meeting in Riga next week.

PC World reports…

Next week’s EU ministerial meeting will be an informal one behind closed doors, where no formal decisions will be made. The ministers will discuss broadly how to implement all the counter terrorism measures that have been discussed in the last month, the Commission official said, adding that in addition to De Kerchove’s advice, ministers will also take into account suggestions made by the Commission and EU member states.

The fact that this is an “informal” meeting is cause for vigilance. This way the ministers can initiate projects and proposals under the radar.

Closed doors will also be a perfect opportunity for them to discuss how to “harmonize” EU and U.S. antiterror legislation. (In preparation for the EU and U.S. security summit in February.)

All eyes on Riga, next Thursday.

/ HAX

1

ISPs to be dragged into the War on Terror?

Sunday, interior ministers from EU member states, EU Commissioner for Migration and Home Affairs Dimitris Avramopoulos, U.S. Attorney General Eric H. Holder Jr., U.S. Deputy Secretary of Homeland Security Alejandro Mayorkas, the minister of Public Safety of Canada Steven Blaney and European Counter-Terrorism Coordinator Gilles de Kerchove all met in Paris.

Their mission was to come up with a response to the Paris terror attacks.

“We reaffirm our unfailing attachment to the freedom of expression, to human rights, to pluralism, to democracy, to tolerance and to the rule of law: They are the foundation of our democracies and are at the heart of the European Union.”

OK. Thanks…

“We are concerned at the increasingly frequent use of the Internet to fuel hatred and violence and signal our determination to ensure that the Internet is not abused to this end, while safeguarding that it remains, in scrupulous observance of fundamental freedoms, a forum for free expression, in full respect of the law. With this in mind, the partnership of the major Internet providers is essential to create the conditions of a swift reporting of material that aims to incite hatred and terror and the condition of its removing, where appropriate/possible.”

Somehow, all the reassurances about fundamental rights–in this context–makes me a bit uneasy. From working in the European Parliament, I have learned that when something is wrapped up in this kind of language you should be on your guard.

What it all boils down to is to involve Internet service providers more in removing jihadist sites. It seems.

It’s unclear in what way this changes anything from today. If a site is illegal, normally it will be removed. Is the idea to cut out the judicial process from the operation? Or what?

Some of the wordings shows similarities to what has been discussed when it comes to copyright infringements. And in that setting, the purpose has been to make ISPs responsible for policing the net.

So, are they trying to make ISPs responsible for tracking down and censoring jihadist sites?

We don’t know. Yet.

The EU officials will continue their talks at the “informal” Justice and Home Affairs Council (JHA) in Riga on January 29. And it will be on the agenda at the next EU summit. Then, in February all the people from the Paris meeting will come together again, in the U.S..

Be vigilant. Before you know it ISPs might find themselves between a rock and a hard place. In the front line of the War on Terror.

/ HAX

DW: Data sharing, tighter EU outer border, urged at Paris talks »
Joint statement from the Paris meeting (PDF) »

2