Paris, jihadis, tech giants ... What is David Cameron's speechwriter banging on about now?

Clare Foges' outburst pulled apart by law prof, infosec expert

An article by the UK Prime Minister's chief speechwriter suggests Silicon Valley is happily aiding "tech-savvy jihadists."

It echoes demands we've heard since the killings in France this month. A UK law professor and an infosec academic have helped us dismantle the piece.

The ludicrous article in question, written by Clare Foges, slammed the encrypted messaging app Telegram for being a Daesh favourite and for putting terrorists "beyond the reach of intelligence agencies" – even though the software is not terribly secure, and a poor choice for anyone trying to evade nation states.

She also accused Google supremo Eric Schmidt of "extraordinary arrogance" for seemingly refusing to create a useful secure encryption system that can be unlocked on demand by governments, despite the mathematical infeasibility of such a technology.

During the course of her written philippic, which made much reference to the attacks in Paris, Foges forgot to disclose that she has been a key speechwriter for Number 10, which is also making similar demands for government-friendly backdoors in encryption.

"Paris must be a wake-up call," she thundered. "If they had any conscience at all, these great Western powerhouses of the 21st century would be joining the fight to preserve our way of life – not helping to facilitate Islamic State's way of death."

She seems to be forgetting that the murderers behind the Paris massacre this month also used text messages to communicate, and warned of their plot in public; if they used truly unbreakable end-to-end encryption, we've yet to see evidence of it.

Foges also complained in her piece, published by the Daily Telegraph in London, that Snowden's revelations tipped off terrorists to internet surveillance. She added:

In the wake of those tip-offs, tech companies faced a massive PR headache on privacy. And so Google, Apple, Facebook and the rest have been falling over themselves to offer products that no government can break into.

"These companies are not using cryptography to defend against governments," Steven Murdoch, a principal research fellow in infosec at University College London, told The Register. "They're trying to defend against those with no legitimate reason to access that information."

"All of these companies do provide information to governments," he added, citing these companies' transparency reports.

"They deploy this kind of security because it is the most secure method for their users.

"The debate shouldn't be framed as 'security versus privacy'. For those in the intelligence agencies, security is privacy. The debate that should be happening should be framed in appropriate terms, rather than jumping on the bandwagon of ongoing events. It should look at previous cases that have happened and are appraisable."

A mature debate

Paul Bernal, law lecturer at the University of East Anglia and author of Internet Privacy Rights: Rights to Protect Autonomy, told us: "The recent moves towards privacy and security are as much motivated by a need to protect people's data from cybercrime as anything else.

"The government has been talking about this recently, without apparently seeing the disconnection between having a secure network to protect us from criminals and building in insecurity to supposedly allow us to be 'protected' from terrorists.

"The question many of us are asking is why this piece was commissioned in the first place – to say that the author of it is out of her depth is a massive understatement, while The Telegraph has access to journalists and others with great expertise, who could have written on the subject with both more knowledge and more clarity."

The law prof went on:

The idea that the 'Western tech companies' are big supporters of privacy will come as a huge surprise to anyone who has been following the industry for any time – historically they've very much underplayed privacy risks, trying to encourage people's sharing of as much information as possible on the internet, and to find ways to analyze and monetize that information as much as possible.

A few weeks ago Andrew Parker, the head of MI5, called for a 'mature debate' on surveillance as the Investigatory Powers Bill was introduced: immature articles like this seem designed specifically to undermine the chances of that debate.

"It looks very much as though this is a politically commissioned piece – but the question is why? Who is expected to be convinced by a piece like this? What are they trying to do?" Bernal questioned. ®

Biting the hand that feeds IT © 1998–2021