Secretary Of State: We Must Have A Secure Internet; Homeland Security Secretary: A Secure Internet Makes Us All Less Safe

from the watch-out-for-the-buts dept

Secretary of State John Kerry gave a speech in South Korea this week about the importance of an "open and secure internet." Of course, that sounds a little hypocritical coming from the very same government that is actively working to undermine encryption, so it seems worth contrasting it with comments made from Secretary of Homeland Security Jeh Johnson, in which he whines about a secure internet making things better for terrorists. Kerry's speech is mostly good (with some caveats that we'll get to), in talking about the importance of not freaking out over moral panics and FUD:
Freedom. The United States believes strongly in freedom – in freedom of expression, freedom of association, freedom of choice. But particularly, this is important with respect to freedom of expression, and you believe in that freedom of expression here in Korea. We want that right for ourselves and we want that right for others even if we don’t agree always with the views that others express. We understand that freedom of expression is not a license to incite imminent violence. It’s not a license to commit fraud. It’s not a license to indulge in libel, or sexually exploit children. No. But we do know that some governments will use any excuse that they can find to silence their critics and that those governments have responded to the rise of the internet by stepping up their own efforts to control what people read, see, write, and say.

This is truly a point of separation in our era – now, in the 21st century. It’s a point of separation between governments that want the internet to serve their citizens and those who seek to use or restrict access to the internet in order to control their citizens.
That sounds good... until you compare it to Kerry's cabinet partner Johnson, who was doing exactly what Kerry said governments should not do:
“We are concerned that with deeper and deeper encryption, the demands of the marketplace for greater cybersecurity, deeper encryption in basic communications,” Johnson said on MSNBC’s “Morning Joe” on Friday. “It is making it harder for the FBI and state and local law enforcement to track crime, to track potential terrorist activity.”
Let's not even bother with the question of just what is "deeper and deeper encryption" or why we should have someone who clearly doesn't understand encryption in charge of Homeland Security. But it seems clear that Kerry and Johnson's views here are quite different. Kerry is saying that "governments will use any excuse they can" including bogus claims about "terrorism" and "criminals" -- and yet that's exactly what Johnson is doing.

Of course, later in his speech, Kerry starts enumerating a similar list for any country to use, should they want to control speech as well:
First, no country should conduct or knowingly support online activity that intentionally damages or impedes the use of another country’s critical infrastructure. Second, no country should seek either to prevent emergency teams from responding to a cybersecurity incident, or allow its own teams to cause harm. Third, no country should conduct or support cyber-enabled theft of intellectual property, trade secrets, or other confidential business information for commercial gain. Fourth, every country should mitigate malicious cyber activity emanating from its soil, and they should do so in a transparent, accountable and cooperative way. And fifth, every country should do what it can to help states that are victimized by a cyberattack.
In other words, here are the guidelines for any other countries to attack freedom of expression and openness online. Just claim it violates one of the list above and the US can't complain. We've certainly seen it happen before. DDoS attacks launched based on claims that it's in "response" to a hacking attempt. Or Russia cracking down on dissidents by arguing that they must be infringing on copyright law.

Kerry's statement is the kind of thing that very few people would argue against. It seems obvious: of course we don't want attacks on critical infrastructure (though, the government likes to define "critical infrastructure" in a manner that best serves its own needs), or corporate espionage. But Kerry defines things in such a broad manner (including the bogus use of "theft" for "intellectual property") that it leaves the US wide open to abuse. Kerry was right at the beginning in arguing that governments will use any means necessary, so why give them this kind of opening? As we've seen for years, when the US beat up on China for not respecting our patents, China eventually "turned things around" by focusing on figuring out ways to use patents to block American companies from beating local Chinese firms in its market.

This isn't arguing that cyberattacks or infringement of intellectual property are good things -- just that giving foreign nations a "open internet, but..." allows them to make use of the "but..." portion to do all sorts of horrible things that suppress dissent and free expression, and then argue that they had to do it, because the US told them to do so. And, of course, it's not just foreign governments, but as Johnson's comments make clear, those at home as well. None of this means to encourage bad or illegal behavior online -- but to recognize that pushing for internet freedom means actually pushing for internet freedom, which is difficult to do when you immediately encumber it with your own set of conditions, and your colleagues are undermining the very foundation of a secure internet.
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: encryption, jeh johnson, john kerry, open internet, south korea


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    Violynne (profile), 20 May 2015 @ 12:06pm

    I remember a time when smart phones didn't exist.

    I remember a time when the internet didn't exist.

    I also remember a time where people could travel between countries without having an invasive body search done.

    But you know what else I remember? "Terrorist" activities. Hijackings, bombings, and murders all done before the "technology" of today existed.

    If these actions couldn't be stopped then, and the technology sure as hell didn't stop two attacks against the WTC, what in the hell do these people think they'll accomplish by spying on everyone?

    The only way "terrorist" activities can be stopped is by killing the human species. It's the only way to be sure.

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 May 2015 @ 1:03pm

      Re:

      This, this, this, so damn much.

      We have turned into such a nation of sissies that we can't even let our kids out of the house. We will become so paralyzed with fear that will pretty much be the same as all those hypochondriacs we like to make fun of on TV.

      We have completely lost the concept of acceptable risk.
      Before you are harmed by a terrorist you are more likely to be shot by the police, die in a car crash, killed by your doctor, or die from tylenol.

      link to this | view in chronology ]

      • icon
        nasch (profile), 20 May 2015 @ 3:38pm

        Re: Re:

        Before you are harmed by a terrorist you are more likely to be shot by the police, die in a car crash, killed by your doctor, or die from tylenol.

        You're almost as likely to die by crashing into a police car while rushing to your doctor for a tylenol overdose as you are to be killed by terrorists.

        link to this | view in chronology ]

      • icon
        Uriel-238 (profile), 21 May 2015 @ 9:53am

        One good blitz would straighten us out.

        Keep Calm And Carry On was the phrase of an era, and a continuing meme because the Germans were bombing London and try to conduct your daily affairs in that mess.

        Compared to the Blitz, the occasional successful bombing of a subway or a plaza is a light drizzle, not even worthy of a raincoat.

        We get Doolittle raided (by which I mean 9/11) and OMGWTF it starts a mass panic from which we haven't recovered. Rather than saying well that was a jolly mess and carrying the fuck on.

        Imagine how demoralizing it must be to terrorist groups when they suicide bomb and nobody cares.

        link to this | view in chronology ]

    • icon
      DannyB (profile), 20 May 2015 @ 1:33pm

      Re:

      > If these actions couldn't be stopped then, [. . . .]
      > what in the hell do these people think they'll
      > accomplish by spying on everyone?

      They'll prevent whistleblowers from informing the public.
      They'll prevent rich or powerful people from being embarrassed.
      They'll ensure that corporations get what they want.

      Ultimately, and eventually inevitably . . .

      They'll keep themselves in power. They'll crush dissent.

      link to this | view in chronology ]

      • identicon
        Anonymous Coward, 20 May 2015 @ 1:53pm

        Re: Re:

        But there is still a solid truth.

        Harder you grasp for control the more shit that slips through your fingers. Technology will not solve this problem.

        Sure the face of dissent changes but the fact that dissent will happen does not change.

        Remember, give me liberty or give me death was not a secret back alley comment. It was no secret! The stupid people today in power, failed at history just like the rest of us that let them get into power.

        link to this | view in chronology ]

        • icon
          DannyB (profile), 20 May 2015 @ 2:57pm

          Re: Re: Re:

          Remember the old saying:

          Those who fail to learn from history are destined to repeat it in summer school.

          Oh, wait . . .

          Those who fail to learn from history are destined to be promoted to a decision making role.

          link to this | view in chronology ]

          • icon
            Uriel-238 (profile), 21 May 2015 @ 9:55am

            They're playing the short game.

            They'd rather be dictators of a banana republic than upper managers in an utopian empire.

            link to this | view in chronology ]

        • icon
          DannyB (profile), 20 May 2015 @ 3:02pm

          Re: Re: Re:

          > The stupid people today in power, failed at history
          > just like the rest of us that let them get into power.

          Or those people in power know history full well, and simply do not care about the sheer magnitude of bad consequences, the number of people affected, or the number of generations of people affected by their decisions as long as their own personal lives right now wealth and power.

          (What mental disorder is that?)

          link to this | view in chronology ]

        • identicon
          Anonymous Coward, 21 May 2015 @ 3:57am

          Re: Re: Re:

          Then America is looking at a rebellion or civil war in the near future.

          History is repeating itself the events of these past few decades have happened before

          link to this | view in chronology ]

    • identicon
      Anonymous Coward, 21 May 2015 @ 12:48pm

      Re:

      They just want to control everybody's lives.

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 May 2015 @ 12:57pm

    We should demand that the Secretary of State and the Homeland Security Secretary write an essay in one hour with no help on the topic "What is the Internet." This should clear up if either of them is qualified to speak on the subject.

    link to this | view in chronology ]

  • icon
    Hephaestus (profile), 20 May 2015 @ 1:02pm

    He said it perfectly ...

    "any excuse that they can find to silence their critics and that those governments have responded to the rise of the internet by stepping up their own efforts to control what people read, see, write, and say"

    link to this | view in chronology ]

  • identicon
    Adam Nonymous, 20 May 2015 @ 1:26pm

    1. First, no country should conduct or knowingly support online activity that intentionally damages or impedes the use of another country’s critical infrastructure.

    Stuxnet

    2. Second, no country should seek either to prevent emergency teams from responding to a cybersecurity incident, or allow its own teams to cause harm.

    NSA's TAO team(s), explicitly setup to target opponents "in the cyber domain"

    3. Third, no country should conduct or support cyber-enabled theft of intellectual property, trade secrets, or other confidential business information for commercial gain.

    The kind of activities Germany is finding their intelligence agency helped ours carry out.

    4. Fourth, every country should mitigate malicious cyber activity emanating from its soil.

    Unless you're doing it on purpose..?

    5. And fifth, every country should do what it can to help states that are victimized by a cyberattack.

    Unless it's an enemy of America, of course. Like Iran or NK.

    You just can't trust what these people say ...

    link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 May 2015 @ 1:55pm

      Re:

      Rights for me but not for thee...

      link to this | view in chronology ]

    • identicon
      Anonymous Coward, 20 May 2015 @ 2:06pm

      Re:

      re: #1 above. Stuxnet is exactly what I thought about when reading the first part of Kerry's speech.

      link to this | view in chronology ]

      • icon
        sigalrm (profile), 20 May 2015 @ 2:19pm

        Re: Re:

        With regards to stuxnet, the argument has been made publicly in at least one other forum that Stuxnet's intended target doesn't apply because the facilit(y|ies) in question were being used for weapons research and not power generation or any function that would directly impact their civilian population if it were to go offline.

        Whether or not that's correct would seem - to me - to really come down to the finer points of how "critical infrastructure" is defined.

        link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 May 2015 @ 1:29pm

    It is easier if you take into consideration what they demand Americans do they don't intend to apply to themselves.

    They want a secure country, only applied to themselves everyone else needs to be open and transparent to the point of being locked up for anything and everything.

    These are the self perceived elite that desperately desire to become the Nobles of the new American despotism.

    link to this | view in chronology ]

  • icon
    Kal Zekdor (profile), 20 May 2015 @ 4:22pm

    Theft of IP

    Just wanted to point out that it is possible to steal IP, and in context it's what Kerry was talking about. When you break or hack in to obtain confidential information that you aren't allowed access to (and possibly destroying or corrupting the original), that is most certainly theft.

    When you distribute information that you obtained legally without permission and against Copyright laws, such as sharing a movie online, that is infringement, not theft. Corporate espionage falls under a different label than infringing.

    The concepts, of course, are not mutually exclusive. The use of the stolen IP, such as by putting out a competing product based on the IP, is, once again, infringement.

    That bit of pedantism aside, this was a great article.

    TL;DR: Illegally obtaining confidential IP is theft; illegally using IP (secret or not) is infringement.

    link to this | view in chronology ]

    • icon
      PaulT (profile), 21 May 2015 @ 12:35am

      Re: Theft of IP

      I disagree. Theft involves depriving someone of the original. If I steal a car, the rightful owner is deprived of the car, so it's theft. if I steal a DVD, the rightful owner no longer has it, so it's theft.

      If I copy a digital file, the original owner still has their copy, so it's not theft. If I distribute it without permission, that's infringement. If have access and/or copied confidential documents, then it's either espionage or unauthorised access to classified material. But not theft, unless you're removing access from the original party in the process.

      link to this | view in chronology ]

  • identicon
    Personanongrata, 20 May 2015 @ 5:04pm

    Defund DHS

    Jeh Johnson current director at the worthlessly redundant bureaucracy known as the Department of Homeland Security (DHS) complaining that a secure internet would aid terrorism and crime is on par with past DHS director Tom Ridge's pronouncements that American citizens protect themselves from a chemical or biological terror attack by stock piling duct-tape and plastic sheeting.

    The level of ignorance found in upper echelons of management within the DHS is astounding. If Jeh Johnson and Tom Ridge, past and current directors, are representative of the quality and ability of DHS personnel congress in a just world would pull the $60 billion dollar plug on the cretinous tax wasting and freedom destroying abomination known as DHS.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 20 May 2015 @ 5:17pm

    A sane person does not connect vital assets to the internet.
    The whole "have to secure this" bs is simply an excuse to control that which they should leave the hell alone.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 21 May 2015 @ 1:13am

    I used to disagree at one point about having extensive surveillance, but then it came like a spark "Dude, think of all the bathroom cameras you could meatspin in front of. Think of all the street cameras you could give the finger to.

    link to this | view in chronology ]

    • icon
      John Fenderson (profile), 21 May 2015 @ 7:48am

      Re:

      Years ago, I started flipping off every surveillance camera I saw. The problem became one of quantity. There are so damn many of these cameras now that I'd have to fly the bird constantly to keep up the practice. I can't do that. My arm gets tired.

      link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.