Last year one of the more troubling provisions of the UK's Regulation of Investigatory Powers Act (RIPA) finally came into effect. This piece of legislation made it a criminal offense to refuse to decrypt almost any encrypted data residing within the UK if demanded by authorities as part of a criminal investigation. The penalty for failure to decrypt is up to two years imprisonment for "normal" crime, and up to five years for "terrorism."

As two men accused of "terrorism" discovered last week, the long-standing right to silence does not trump the RIPA powers. The UK's Court of Appeal ruled that the pair, named only as "S" and "A," could not rely on their right of silence to refuse to provide decryption keys. In the decision, the Court stated that although there was a right not to self-incriminate, this right was not absolute, and that the "public interest" can supersede it in some circumstances.

Further, the court also drew a distinction between making a statement that is incriminating, and evidence that happens to incriminate. Encryption keys, and encrypted data itself, exist independently of the accused men, and although the data may be incriminating, the men were not being asked for the data; they were being asked for the decryption key. As such, there was deemed to be no question of self-incrimination; the decryption keys are neutral, neither incriminating nor exculpating.

Though the decision is unsurprising—British courts are loath to gut legislation, even if it is poor legislation—it is nonetheless unfortunate. The court argued that a decryption key was no different from a physical key, something harmless and incapable of incriminating, but there are significant differences between the two. Most obviously, one cannot be compelled to hand over a physical key; if the police or intelligence services should find it then they can use it, but if they cannot, they must work around its absence. That workarounds are considerably harder for encryption than they are for physical locks is unfortunate for law enforcement, but surely should not diminish the rights of the accused.

More fundamentally, the legislation is useless against criminals who know what they are doing, because such criminals can use encryption software that gives them plausible deniability. The best-known program achieving this is TrueCrypt. TrueCrypt allows the creation of an encrypted disk with two passwords, each password providing access to different data: one set harmless, the other truly secret. The would-be criminal can then disclose the password to the harmless data, thereby keeping the truly secret data secret. There is no way to tell from the encrypted data itself that this scheme is in use, so it should provide ample protection against investigations.

Orwell's Britain

Moving swiftly on, the British government has outlined a number of options it is considering legislating next year. Chief among these is the creation of an immense database containing information about every phone call and Internet connection made within the UK. Unsurprisingly, this has been widely branded as an Orwellian, Big Brother database.

ISPs and phone companies within the UK already keep voluntary databases of mobile phone calls (recording dates, times, durations, and locations) and Internet traffic (web pages visited, e-mail addresses used). These databases contain 12 months of data, and requests to view the data can be made by law enforcement as part of their investigations into crimes. The new proposal is to centralize and consolidate this database, making it government-owned and operated. The upside is that this would increase the information available, and make it far easier for law enforcement agencies to look at it. The downside, of course, is that this would increase the information available, and make it far easier for law enforcement agencies to look at it.

The justification for the database is, of course, terrorism. Terrorists use mobile phones and e-mail to coordinate their activities, so clearly the government—specifically, GCHQ, the service responsible for SIGINT, which devised the plans—needs to know about all the e-mails and phone calls that people are making. They're stopping short—at the moment—of demanding the actual contents of the e-mails and phone calls, but, if such a database were implemented, that would surely be the next logical step.

At this stage, the database is not legislation, nor even proposed legislation. The proposals are an indication of one direction the government will follow, but so far nothing has gone before Parliament. Even within the Home Office, however, there has been considerable backlash; a memo leaked to the Sunday Times expressed grave misgivings about the plans among senior Home Office officials; the database was decried as "impractical, disproportionate, politically unattractive and possibly unlawful from a human rights perspective." Coming from civil servants, that's harsh criticism indeed.

Passport, please

Knowing that a phone call has been made doesn't do much if you don't know who owns the phone numbers. In the days of land-lines, this wasn't a problem; just look up the addresses that the numbers correspond to and Bob's your uncle. Mobile phones are another matter; prepay phones offer great anonymity, as they can be bought for cash.

If the UK government gets its way, that practice will come to an end. The plan is to demand that anyone buying a phone will have to show their passport. Vendors will collect this information, and it will be entered into a national registry. With 72 million mobile phones in the UK, some 40 million of which are prepaid, this measure is necessary if GCHQ's database is to be of any value: a database that could not identify the majority of mobile phone users would be of little use, and the passport requirement is meant to fill this gap.

Future privacy, or, rather, the lack thereof

All this paints a pretty sorry picture of the future of privacy in the UK. We here in Airstrip One already have an unparalleled density of closed-circuit TV, but CCTV is a different animal to the proposals here. CCTV has one fundamental difference from Orwell's telescreens: CCTV records what we do in public, whereas the telescreens recorded us in our own homes. We might not like our public behavior being recorded by the government, but in a sense, it is merely a scaled-up version of what the police and MI5 can already do.

These database proposals are a different kettle of fish. They cross over from monitoring of public behavior into monitoring of private behavior. That the phone company knows who I call is a necessary feature of the technology (the phone network obviously needs to know where the endpoints are, and I have itemized billing), but the government has no such justification. The underlying argument—that terrorists use encryption, mobile phones, e-mail, and that to stop terrorists we have to be able to monitor these technologies—can be used to justify just about anything. Once the hardware was in place to perform the monitoring—and GCHQ trials of interception hardware have already begun on the Vodafone network—it would be easy to argue that it was necessary not just to record that calls were made and e-mails were sent, but that it had become necessary (for national security, naturally) to actually listen to those calls and read those e-mails.

Slippery slopes aside, the most likely outcome is not that more terrorists are caught, but simply that they use alternative means of communication. Perhaps they will be able to import phones from abroad (roaming is expensive, but surely a small price to pay if the alternative is being caught up in the government's net), perhaps they will depend more heavily on stolen phones (pity the poor sod whose stolen phone links him to the next terrorist attack), or perhaps they will simply rely on other communications mechanisms. Mobile phones are convenient, but if they're unsafe for conducting terrorist operations, terrorists will just stop using them.

It would not surprise me to see Skype, and other VoIP systems, as the next subject of government scrutiny. Likewise, many e-mail services offer SSL connections to non-UK servers for mail transfers; any terrorist concerned about the government monitoring could use one of these. Just as there are data encryption systems that can defeat RIPA, there are communication systems that defeat the proposed database, and which do so before the legislation has even been passed to create the database in the first place. This is truly pointless legislation that will make us no safer.

These flaws are compounded by the government's rampant inability to run IT projects successfully and to properly safeguard the sensitive data it has collected. These databases will be expensive to create, the monitoring hardware expensive to deploy, and leaks are, given this government's track record, inevitable. Even if we were convinced of the need for such databases, should we not at least demand that the government put its house in order first? They cannot properly manage the data they already have; giving them more data is asking for trouble.

Though these plans are dismal, there is a slight glimmer of hope. The British government has suffered some legislative setbacks recently; its legislation to allow suspects to be held for 42 days without charge did not get through our (unelected, undemocratic, but absolutely priceless) upper house, and it looks like the government does not have the support or the will to force the legislation through. A similar backlash against any new proposals is not out of the question, and that they have already been preemptively panned by Home Office employees could be an indication of a broader rejection of greater government intrusion. For the good of our civil liberties and wallets alike, let's hope that our elected representatives take the same view.