Feeds

Straw slams civil liberties lobby

Do you speak Gibberish?

  • alert
  • submit to reddit

Beginner's guide to SSL certificates

Foreign secretary Jack Straw launched a scathing attack on the civil liberties lobby in an interview on Radio 4 on Friday.

Mr Straw, who pushed through some pretty Draconian laws while home secretary, complained to the Today programme that he was held back by civil liberties groups and was forced to water down police and secret service surveillance powers (in the RIP and Terrorism Acts, to name two).

It was tied in with the US terrorist attacks of course. Mr Straw said: "It wasn't Big Brother government. It was government trying to put in place increased powers so we could preserve our democracy against this new type of threat. Now people are saying: 'Why are these terrorists here?'" Which somewhat underlines many people's views of Jack Straw.

The argument is that if the police had been allowed to decrypt every email sent in or through the UK, then we would have no terrorists in Britain - and that that is far preferable to the government being allowed to snoop into our private or commercial lives whenever they fancy.

Smarting

The government is smarting from revelations that terrorists - some connected to the US atrocities - are working in Britain and had/maybe-still-are using the UK as a base. Current home secretary David Blunkett has also gone to town by advocating ID cards - a frequent government solution to embarrassing matters that it can't control.

However, UK citizens have stepped into the argument using their weapons of logic and rational thought over political frustration, ill-informed evangelising and desire for power. Newsgroups have been buzzing with informed comment.

How exactly would extensive powers for the police to eavesdrop on every UK citizen have helped prevent the appalling attacks in the US?

Below are just a few comments we've seen:

"At the back end of the cold war, I was a party to several defence and intelligence policy studies that concluded that the new style threats that we would face would require a shift of resources from electronic to human intelligence assets in order to maintain effective defences. It would be interesting to look at the split of the UK intelligence budget between MI5/6 (spies) and GCHQ (electronics) over the last decade to see if any such shifts have taken place. I hope that Parliament will look into this once
the dust has settled."

"They [the terrorists] seem to have made some use of e-mail but it was all unencrypted and (without the benefit of hindsight) apparently innocuous. If I was involved in an undertaking with a thousandth as much at stake, I would want to look my confederates in the eye to see how they reacted to what I said."

"Both government and broadcasters have framed the debate as a platitudinous 'balance' between civil liberties and public safety. But this was always a false dichotomy - the main thrust of criticism against the RIP Act is that it is completely ineffective. Four methods have been suggested for dealing with criminal use of encryption. Three are fatally flawed, but more importantly, they try to solve to wrong problem."

"The problem is that no politician would have the guts to say that the chief object of policy was suborning commercial and institutional traffic."

"I don't think that any amount of signals intelligence, however intrusive, would have caught them. They were far too careful and especially too sparing in their use of telecommunications. More powers to intercept or to decrypt are simply barking up the wrong tree. In fact, without some infiltration of the organisation, I don't think there was anyway of catching them before they got to the airport."

"I do not blame the electronic intelligence agencies for what has happened since not even they can subvert the laws of physics."

"Attempts to blame those who fought against GAK in RIP are, in my view, attempts to divert attention from the real issue - why Jack Straw and his friends in law enforcement spent so much time on RIP instead of on other measures that would have stood more chance of success agianst the sort of attacks we have now experienced."

"Nobody seems to have mentioned the extreme loyalty within Arab groups - not just to families, but also to the leader of the group. This has been explained to me by several people who have worked out in the Middle East."

Mass attack

We have covered in the past how encrypted messages can easily be hidden from authorities - most simply by putting a second encrypted message within the first. The fact that the attacks happened without security services having the slightest idea would suggest a very small, compact group as opposed to a huge conspiracy.

Would mass surveillance locate such a group? The likelihood is minute. Then of course there is the implicit assumption that the terrorists were so stupid that they wrote huge swathes of what they intended in straightforward text and send all of it over the Internet in the form of emails.

Unless all of these assumptions are true, mass surveillance would be of very little help. There can little doubt that much of the organisation was done face-to-face, because that is simple human interaction. It is very hard to persuade someone to do something (like kill themselves) over email.

And when it comes down to fine details, how much information is needed to inform someone of which flight to board, or which embassy to bomb? None at all. Not in terms of the billions of bytes criss-crossing the Internet every second.

In short, where we have failed is in insufficient human interaction with dangerous people. Technology has the unnerving effect of making you believe that because you have so much information then you have captured everything you need to know. Nothing could be further from the truth.

If all this intended surveillance had no palpable effect on commercially sensitive information; didn't mean that the authorities would have unreasonable access to your personal details; wouldn't allow for simple abuses and threats, we would welcome it.

But it does and we don't. ®

Related Stories

Broader surveillance won't prevent terrorism -Schneier
Internet Security: We're all responsible
Brits want ID cards, not worried about privacy
Americans want Uncryption

Security for virtualized datacentres

More from The Register

next story
Hey, Scots. Microsoft's Bing thinks you'll vote NO to independence
World's top Google-finding website calls it for the UK
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
Apple CEO Tim Cook: TV is TERRIBLE and stuck in the 1970s
The iKing thinks telly is far too fiddly and ugly – basically, iTunes
Israeli spies rebel over mass-snooping on innocent Palestinians
'Disciplinary treatment will be sharp and clear' vow spy-chiefs
Huawei ditches new Windows Phone mobe plans, blames poor sales
Giganto mobe firm slams door shut on Microsoft. OH DEAR
Phones 4u website DIES as wounded mobe retailer struggles to stay above water
Founder blames 'ruthless network partners' for implosion
Found inside ISIS terror chap's laptop: CELINE DION tunes
REPORT: Stash of terrorist material found in Syria Dell box
OECD lashes out at tax avoiding globocorps' location-flipping antics
You hear that, Amazon, Google, Microsoft et al?
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.