We generally tend to have a high tolerance to terrorism. We watch the news in horror when the attacks happen, but we tend to forget them as soon as we can. It’s not because the tragedy might not affect us directly, or because it happened somewhere far away from us, it’s because if we don’t, then getting on with our lives would become impossible. We would give in to the very anger and fear the attackers are trying to cause. So most of the times we take a pause and think about our purpose in this world while watching the tragedy unfold. We discuss the whole event during our coffee breaks, and then we try to move on, with that feeling locked up somewhere inside us in a box labeled Mysteries of the human behavior: tragedy, war, and religion.
Every once in a while, there’s a terrorist attack that breaks that lock inside us, and all our rage, disgust, and fear get channeled into a determination to act. We have all felt that need to act, I know I did, at least in the wake of the Paris attacks that took place in November. Authorities also start taking more drastic measures into consideration. When attackers kill 130 people, it’s definitely time for impactful measures.
On 13 November 2015, several coordinated terrorist attacks occurred in Paris and Saint-Denis (northern suburb), beginning with three suicide bombers near the Stade de France in Saint-Denis. The rest of the evening continued with suicide bombings and mass shootings at cafés, restaurants and a music venue in central Paris. This series of attacks is considered the deadliest in France since World War II. If a nation that’s on high alert for terrorist attacks can still be vulnerable – because of the Charlie Hebdo attack in January 2015, then we are all more exposed than we thought.
The dark side of encryption
The Paris attacks sparked once again the going dark discussion. Major communications providers have enabled end-to-end encryption in certain applications. This means that terrorists can conceal their communications as well. The investigation that followed the Paris attacks revealed that the terrorists used encrypted communications, thus opening the going dark debate. It would seem that the scale is tipped in favor of the intelligence and law enforcement communities that are somewhat alarmed by this phenomenon.
Harvard recently released a study that predicts new tracking opportunities will become available with the increase of Internet-connected devices. Important figures of Harvard’s Berkman Center for Internet Society have collaborated in the study titled “Don’t Panic: Making progress on the encryption debate“. The main idea, as stated in the title, is not to panic, because even though encryption might be challenging sometimes, there will still be plenty of other ways to counter the terrorist attacks.
“The U.S. intelligence and law enforcement communities view this trend with varying degrees of alarm, alleging that their interception capabilities are ‘going dark.’ As they describe it, companies are increasingly adopting technological architectures that inhibit the government’s ability to obtain access to communications, even in circumstances that satisfy the Fourth Amendment’s warrant requirements. Encryption is the hallmark of these architectures,” reminded the study.
When you light a candle, you also cast a shadow (Ursula K. Le Guin)
Encryption or no encryption, dim places that avoid surveillance will always exist. That’s the hard fact. But by no means are we ‘going dark’, quite the contrary. The technological evolution trend points to an abundance of unencrypted data that will be useful. Intelligence agencies will just have to adapt to the new sources of information – cameras, smart TVs, smart vehicles and more.
The study notes: “Although we were not able to unanimously agree upon the scope of the problem or the policy solution that would strike the best balance, we take the warnings of the FBI and others at face value: conducting certain types of surveillance has, to some extent, become more difficult in light of technological changes. Nevertheless, we question whether the “going dark” metaphor accurately describes the state of affairs. Are we really headed to a future in which our ability to effectively surveil criminals and bad actors is impossible? We think not.”
The entire phenomenon is painted in a much darker light than the actual situation. Law enforcement communities might find somewhat of an obstruction in encryption (which is otherwise necessary for certain businesses), but there will be other ways of surveillance. It’s almost absurd to think that if we have this information regarding future surveillance options, intelligence agencies don’t already have it themselves. This wouldn’t be the first time a tragic event is used to push a policy that wasn’t really that necessary. Our judgement can be clouded in desperate times (maybe that’s what the lock is for), so much that we might believe that we need desperate measures.
Study findings
End-to-end encryption unlikely to be adopted ubiquitously by companies.
Software ecosystems tend to be fragmented, therefore encryption probably won’t become both widespread and comprehensive
Networked sensors and IoT will drastically change surveillance.
Metadata is not encrypted, and the vast majority is likely to remain so. It provides enormous amount of surveillance data.
The ‘going dark’ debate is largely taking place without reference to the full picture (i.e. privacy, security).
