Why Sweden's Plan To Spy On Emails Does More Harm Than Good
from the needle-and-a-haystack dept
There's been a lot of talk about the proposal from the Swedish government to monitor all emails crossing national borders for certain keywords that could suggest terrorist activity. It's not surprising that such a proposal would get plenty of attention, but there are a few reasons why it's simply a bad idea. The difference between this plan (if it's put into place) and similar efforts in other countries is that most require court order or warrant -- which adds a layer of oversight concerning whose content is open to monitoring. When it's just open ended it's not at all far-fetched to think that the system will be misused to spy on people who have absolutely nothing to do with terrorist activities. In a free and democratic society, you're not supposed to spy on those people. A second issue is that the more you make it possible to access and spy on people's emails, the more likely it is that someone with nefarious intent will also figure out a way to access those emails. Even if the government is made up of saints who will never misuse the information, by opening some sort of backdoor, someone else will figure out a way in -- and that's dangerous for everyone.The biggest issue, however, concerns just how effective this type of monitoring really is in practice. Doing basic keyword or even contextual filtering will turn up a ton of false positives, making the haystack in which any needles need to be found pretty damn big. This actually makes it even harder to turn up the useful information, since anyone scanning the output becomes accustomed to false positives. The end result isn't better security, it's just a ton of excess data. Finally, those who actually are a threat have long known that their emails were open to monitoring, and have long moved on to various systems to hide their intent -- whether it's as simple as using code words or using some sort of encryption software to not using email at all -- many of these people aren't going to simply walk right into such a trap. There are much better means of tracking down and monitoring people who are dangerous to us. Setting up a broad system of monitoring and filtering emails sounds good on paper, but doesn't do much to make people any safer.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Reader Comments
Subscribe: RSS
View by: Time | Thread
Yeah..
Yeah, but profiling is illegal. Seriously thought, that law was more like a way around warrants. Do you really think they would scan all that mail every day? The first thing they would do is levels of filtering, with key people being very closely monitored... except this way they don't have to get a warrant.
[ link to this | view in thread ]
anyone with anything to hide encrypts it, or will use code words anyway. it will find people who talk about things governments don't like though, assuming they can actually monitor that well
[ link to this | view in thread ]
One myth, one major weakness
The major weakness: The malefactors will assume anything they send is being listened to and hide it in a pile of innocent chatter.
John: I think we need to go to the opera tonight.
Adam: Good for me. Meet for dinner and drinks at 8?
Can stand for "We need to [terrorist act] tonight." "Good for me. [carry it out] at 8?"
[ link to this | view in thread ]
-terrorism (read all in/out emails)
-child sexual abuse (watch your MySpace usage)
-reckless driving (limit video game usage)
-Internet addiction (limit total online time)
-marital infidelity (monitor craigslist erotic services)
-prevent homosexuality (monitor craigslist casual encounters)
-etc, etc, etc...
Clearly, the computer is destroying our world faster than a Humvee with a bulldozer attachment clearing rain forest.
[ link to this | view in thread ]
Faustian Bargain
[ link to this | view in thread ]
RE:Faustian Bargain
how are these two things connected in any way?! first of all the 'anarchists' didnt suddenly gather, they were there for 20 years...
and all the other things, putting bombs in trash etc etc. I highly doubt anyone who is going to do this is going to write an email about it first, unless they are deliberately trying to tip someone off.
[ link to this | view in thread ]
Re: RE:Faustian Bargain
[ link to this | view in thread ]
re: One myth, one major weakness
Actually, I absolutely agree with the point you're making, but this conversation is likely to be pretty one-sided....
[ link to this | view in thread ]
Sweden?
[ link to this | view in thread ]
[ link to this | view in thread ]
Re: Sweden?
[ link to this | view in thread ]
Grow up.
Note to the Swedish government: the left-wingers here in America scream, bitch and cry... but they, deep down in their hearts, know the Western governments of the world are - basically - good and want to protect their citizens.
Have a strong back, thick skin and push thru this program. The Left will bitch, but they know it's for the best.
[ link to this | view in thread ]
Re: Re: Sweden?
However, the Swiss also have their Onyx intelligence system which monitors civilian emails in the same way that this Swedish program has been described. So maybe it doesn't matter so much after all?
[ link to this | view in thread ]
"The world is better off if these sickos are stopped before they ever do anything."
The thing that is sick here is the propaganda you have been spoon fed. Yeah! Lets give all our rights to the rich so they can protect themselves from us?
I don't agree with "extremists" but the reality is these laws don't stop there. Soon everyone could be an crazy liberal including you.
According to a recent study by 2020 over 50% of my state (Washington) will have been involved in the prison system. Imprisoning people already accounts for over 80% of my property taxes.
Ask yourself this, do we really want to let our governments find new reasons to imprison people? New reasons to search your private transactions? More reasons to turn you into a criminal and then lock you up in your new prison state?
I will pass on it myself.
[ link to this | view in thread ]
Re:
;)
You're absolutely right, though. The government should be regulated...I think that's the point of democracy. But the question of "how far is too far" is quite a tricky one to answer.
You don't have to be subjugated, though. Take some incentive and change the world! Jeez, haven't you ever read Nietzsche? You, too, can be an ubermensch!
Anyway, I think if you let democracy run its course through next November we'll find that you're not alone in fearing government invasion of privacy.
[ link to this | view in thread ]
Duh! USA gov is sifting this with 'CARNIVORE'
[ link to this | view in thread ]
PGP
COme to think of it, it would not be too hard to breack public key encryption by using a crib, encrypting a string of data and then testing possible private keys. ONly the first few bytes would need to be tested at first, and that would allow you to get information about possible private keys. Each attempted private key tested would increase the amount of information you have, until you have a only a small set of possible private keys which can be brute-forced. This would probably take a lot less processor cycles than a straight burte-force crack, menaing that it could be much quicker for a government to break open encypted traffic, and maybe make it practical for private criminals to break into HTTPS traffic.
Someone will probably say I should not ahve posted this idea, so I will defend myself now. Basically, the idea of using a crib and computer to provide information about the code used goes back to the the early British Bombes (or possilby even the earlier Polish Bomby), so it is hardly a new idea. Nor is using mathematicall analysis in cryptography. This ida may even be used now, since it is so obvious, but I have not come accross it written up anywhere, so I thought I would post it now.
[ link to this | view in thread ]
Re: PGP
Interestingly, don't assume that all governments are afraid of or against encryption. Some forces in government very wisely realise that it's inevitable and correct. The European commission made a detailed report some time ago giving a point by point recommedation for why encryption should be encouraged and even mandated for civillian communications. It's only the very sinister, paranoid and insecure but vocal few that want an aymetrical state of affairs. That position reveals itself for what it is without further analysis.
[ link to this | view in thread ]
hjj
[ link to this | view in thread ]
BUSINESS PROPOSAL
[ link to this | view in thread ]