From Portside <[email protected]>
Subject Without Encryption, We Will Lose All Privacy. This Is Our New Battleground
Date October 21, 2019 3:21 AM
  Links have been removed from this email. Learn more in the FAQ.
  Links have been removed from this email. Learn more in the FAQ.
[The US, UK and Australia are taking on Facebook in a bid to
undermine the only method that protects our personal information]
[[link removed]]

[[link removed]]


Edward Snowden
October 15, 2019
The Guardian
[[link removed]]

[[link removed]]
[[link removed]]
* [[link removed]]

_ The US, UK and Australia are taking on Facebook in a bid to
undermine the only method that protects our personal information _

If internet traffic is unencrypted, any government, company, or
criminal that happens to notice it can – and, in fact, does –
steal a copy of it, secretly recording your information for ever.,
Kacper Pempel/Reuters


In every country of the world, the security of computers keeps the
lights on, the shelves stocked, the dams closed, and transportation
running. For more than half a decade, the vulnerability of our
computers and computer networks has been ranked the number one risk in
the US Intelligence Community’s Worldwide Threat Assessment –
that’s higher than terrorism, higher than war. Your bank balance,
the local hospital’s equipment, and the 2020 US presidential
election, among many, many other things, all depend on computer

And yet, in the midst of the greatest computer security crisis in
history, the US government, along with the governments of the UK and
Australia, is attempting to undermine the only method that currently
exists for reliably protecting the world’s information: encryption.
Should they succeed in their quest to undermine encryption, our public
infrastructure and private lives will be rendered permanently unsafe.

In the simplest terms, encryption is a method of protecting
information, the primary way to keep digital communications safe.
Every email you write, every keyword you type into a search box –
every embarrassing thing you do online – is transmitted across an
increasingly hostile internet. Earlier this month the US, alongside
the UK and Australia, called on Facebook to create a “backdoor”
[[link removed]],
or fatal flaw, into its encrypted messaging apps, which would allow
anyone with the key to that backdoor unlimited access to private
communications. So far, Facebook has resisted this.

If internet traffic is unencrypted, any government, company, or
criminal that happens to notice it can – and, in fact, does –
steal a copy of it, secretly recording your information for ever. If,
however, you encrypt this traffic, your information cannot be read:
only those who have a special decryption key can unlock it.

I know a little about this, because for a time I operated part of the
US National Security Agency’s global system of mass surveillance. In
June 2013 I worked with journalists
[[link removed]] to
reveal that system to a scandalised world. Without encryption I could
not have written the story of how it all happened – my
book Permanent Record
[[link removed]] –
and got the manuscript safely across borders that I myself can’t
cross. More importantly, encryption helps everyone from reporters,
dissidents, activists, NGO workers and whistleblowers, to doctors,
lawyers and politicians, to do their work – not just in the
world’s most dangerous and repressive countries, but in every single

When I came forward in 2013
[[link removed]],
the US government wasn’t just passively surveilling internet traffic
as it crossed the network, but had also found ways to co-opt and, at
times, infiltrate the internal networks of major American tech
companies. At the time, only a small fraction of web traffic was
encrypted: six years later, Facebook, Google and Apple have made
encryption-by-default a central part of their products, with the
result that today close to 80% of web traffic is encrypted. Even the
former director of US national intelligence, James Clapper, 
[[link removed]]credits
the revelation of mass surveillance with significantly advancing the
commercial adoption of encryption. The internet is more secure as a
result. Too secure, in the opinion of some governments.

Donald Trump’s attorney general, William Barr, who authorised one of
the earliest mass surveillance programmes
[[link removed]] without
reviewing whether it was legal, is now signalling an intention to halt
– or even roll back – the progress of the last six years.
WhatsApp, the messaging service owned by Facebook, already
uses end-to-end encryption (E2EE)
[[link removed]]:
in March the company announced its intention to incorporate E2EE into
its other messaging apps – Facebook Messenger and Instagram – as
well. Now Barr is launching a public campaign to prevent Facebook from
climbing this next rung on the ladder of digital security. This began
with an open letter
[[link removed]] co-signed by Barr,
UK home secretary Priti Patel, Australia’s minister for home affairs
and the US secretary of homeland security, demanding Facebook abandon
its encryption proposals.

If Barr’s campaign is successful, the communications of billions
will remain frozen in a state of permanent insecurity: users will be
vulnerable by design. And those communications will be vulnerable not
only to investigators in the US, UK and Australia, but also to the
intelligence agencies of China, Russia and Saudi Arabia – not to
mention hackers around the world.

End-to-end encrypted communication systems are designed so that
messages can be read only by the sender and their intended recipients,
even if the encrypted – meaning locked – messages themselves are
stored by an untrusted third party, for example, a social media
company such as Facebook
[[link removed]].

The central improvement E2EE provides over older security systems is
in ensuring the keys that unlock any given message are only ever
stored on the specific devices at the end-points of a communication
– for example the phones of the sender or receiver of the message
– rather than the middlemen who own the various internet platforms
enabling it. Since E2EE keys aren’t held by these intermediary
service providers, they can no longer be stolen in the event of the
massive corporate data breaches that are so common today, providing an
essential security benefit. In short, E2EE enables companies such as
Facebook, Google or Apple to protect their users from their scrutiny:
by ensuring they no longer hold the keys to our most private
conversations, these corporations become less of an all-seeing eye
than a blindfolded courier.

It is striking that when a company as potentially dangerous as
Facebook appears to be at least publicly willing to implement
technology that makes users safer by limiting its own power, it is the
US government that cries foul. This is because the government would
suddenly become less able to treat Facebook as a convenient trove of
private lives.

To justify its opposition to encryption, the US government has, as is
traditional, invoked the spectre of the web’s darkest forces.
Without total access to the complete history of every person’s
activity on Facebook, the government claims it would be unable to
investigate terrorists, drug dealers money launderers and the
perpetrators of child abuse – bad actors who, in reality, prefer not
to plan their crimes on public platforms, especially not on US-based
ones that employ some of the most sophisticated automatic filters and
reporting methods available.

The true explanation for why the US, UK and Australian governments
want to do away with end-to-end encryption is less about public safety
than it is about power: E2EE gives control to individuals and the
devices they use to send, receive and encrypt communications, not to
the companies and carriers that route them. This, then, would require
government surveillance to become more targeted and methodical, rather
than indiscriminate and universal.

What this shift jeopardises is strictly nations’ ability to spy on
populations at mass scale, at least in a manner that requires little
more than paperwork. By limiting the amount of personal records and
intensely private communications held by companies, governments are
returning to classic methods of investigation that are both effective
and rights-respecting, in lieu of total surveillance. In this outcome
we remain not only safe, but free.

_Edward Snowden is former CIA officer and whistleblower, and author of
Permanent Record. He is president of the board of directors of the
Freedom of the Press Foundation_

_We hope you will consider supporting the Guardian’s open,
independent reporting today. Every contribution from our readers,
however big or small, is so valuable. SUPPORT US FROM AS LITTLE AS $1

_Support The Guardian [[link removed]]_

[[link removed]]
[[link removed]]
* [[link removed]]







Submit via web [[link removed]]
Submit via email
Frequently asked questions [[link removed]]
Manage subscription [[link removed]]
Visit [[link removed]]

Twitter [[link removed]]

Facebook [[link removed]]


[link removed]

To unsubscribe, click the following link:
[link removed]
Screenshot of the email generated on import

Message Analysis