UK's Terrorism Law Reviewer Says Tech Companies Shouldn't Offer Encryption To Anonymous Users
from the nothing-to-hide,-everything-to-fear dept
Once again, someone's suggesting the best way to combat the spread of terrorist-related communications online is to make the tech companies do it, have them foot the bill, and do it all without being legislated into submission or making impudent comments like "That's not how any of this works."
Traveling beyond the groundwork of "necessary hashtags" and constant threats to bludgeon tech companies into mandatory, worldwide speech policing, the UK's independent reviewer of terrorism laws -- former key terrorism prosecutor Max Hill QC -- suggests the better route lies not through legislation, but through some sort of tech wizardry.
[C]ooperation with tech giants such as Google and Facebook offered the best way forward, including the potential introduction of “verification” checks on social media users.
“A discussion I have had with some of the tech companies is whether it is possible to withhold encryption pending positive identification of the internet user,” said Mr Hill.
“If the technology would permit that sort of perusal, identification and verification, prior to posting that would form a very good solution… and would not involve wholesale infringement on free speech use of the internet.
“I’m talking about a nano-second.”
Yes, Hill is calling for encryption to be withheld from anonymous or pseudonymous users -- often the very users (dissidents, journalists, whistleblowers) for whom the added protection is key to survival. This pitch takes "nothing to hide/nothing to fear" to its illogical extremes, suggesting protected communications be limited to those who have made their personal information available to tech companies -- who then, in turn, can be forced to hand it over to various governments with a minimum of paperwork.
Hill is correct -- beating tech companies over the head with broadly-written legislative sledgehammers is unlikely to end well. But his "fix" isn't any better. In fact, the thing he thinks can be done in a "nano-second" may not even be possible. And that's by his own admission.
Mr Hill conceded that experts were divided as to whether such checks were feasible but that it was a debate “worth having”.
Something everyone can agree on -- "independent" or not -- is that tech companies should pay for whatever measures they're being forced to undertake for the government.
He added: “The vast sums of money that tech companies generate … means that we should all be looking to those companies to recycle some of those profits into the fight to take down extreme material.”
So, let's attempt to add this all up:
Hill thinks "sledgehammer legislation" would backfire. He also thinks tech companies should be able to flip switches somewhere to encrypt/decrypt communications as needed (million-dollar switches perhaps, but "recycle" those "profits!"). He also concedes no one has said these "nano-second" switch flips are actually possible. Finally, he believes tech companies will implement these measures and pay for them without being forced to by "sledgehammer legislation."
Hill has assembled a handful of logical flaws and presented them as a plan -- one whose impossibilities can be surmounted if everyone involved just talks about it for awhile. These are the words of a former prosecutor who has mistaken daydreaming out loud with acting as an independent overseer of terrorism-related legislation.
Filed Under: anonymity, encryption, going dark, identification, max hill, privacy, uk
