In a previous blog “CITIZENS NOT SUSPECTS”, I emphasised the security vulnerabilities surrounding metadata, and how the government wanted major telecommunication companies, such as Telstra to keep all their metadata so law enforcement could access it on demand. I also mentioned how I felt it couldn’t get any worse; however, I was wrong.
Security measures available to internet users has increased in vulnerabilities as Governments around the world are having debates whether to put backdoors (and no, I don’t mean your house backdoor) into encryption programs.
The term “backdoor” is commonly used by Coders and people who understand coding or you could refer to the academic term “exceptional access mechanisms”. It’s a way to bypass security measures such as encryption without actually having to know any of the access details, in easy to understand terms it’s the same as locking your front door and leaving your back door wide open, allowing anyone who looks to walk in.
The real question is who is actually at risk and who will it impact the most? the answer to that is fairly simple, all of us. Everyone from the casual internet user through to big corporations will be affected by this if it does ever pass, any data online that has some sort of security measure will become vulnerable to anyone who has the knowledge and skill to access it. Businesses private data such as clients credit card details will also be at threat and never truly be safe.
This would also have a strong affect on Encryption and Tech businesses, if you had highly sensitive data that you wanted to protect would you buy from a country that allows backdoors into their encryption software, or would you buy from a different country who didn’t have a vulnerability such as a backdoor in their encryption software?
In fact, Benjamin Dean, cyber security and Internet governance staff associate at Columbia University, was asked about his opinion on this issue, he had some big numbers to throw out that he thought US Tech businesses were going to lose, Dean estimated that US Tech Businesses were going to lose anywhere from $21.5-35 billion through to $180 billion. How long will this industry last with possible losses of this amount?
It also affects you, the reader. How you might be wondering, every time you log into your internet banking, buying a product online or even order a pizza to your house online you are using a HTTPS:// connection, this is a form of encryption, most people would use encryption in their normal everyday lives and not even realise.
The reason this was proposed was because law enforcement agencies primarily in the US, were arguing that it was needed so they could hunt down the “bad guys”, US law enforcement also continued to say that this wouldn’t have any impact on the general public's privacy, if you weren’t a criminal then you’d be okay, let's face facts, the government doesn’t exactly have the best track record on not misusing information like this (citizens not suspects), so how can we trust them now?
At the point of me writing this blog and informing you of this information, this hasn’t been passed as of yet, this doesn’t mean it won’t become a reality. It was initially proposed 22 years ago and was shut down then, it was proposed again, still with no success but as technology develops, law enforcement and the government find new ways to gather major amounts of data, once that happens we can only assume they will make their third proposal, the third attempt could get approved faster than the other two got shut down.