Nothing in these bills will actually help deal with them
There’s proposed legislation in the US (sponsored by Lamar Smith) and in Canada (sponsored by Vic Toews) and in the UK that uses various flimsy justifications for the mass collection of data on telecommunications users. The data covered by these proposals varies, but includes things like URLs, phone calls, text/instant/email messages, and other forms of communication. Some of this proposed legislation deals with communication metadata, e.g., sender, recipient, time, etc.; some of it deals with communication content, e.g., the full text of messages.
I’m going to gloss over the specifics for two reasons: first, they’ve been covered exhaustively elsewhere, and second, I think it’s an absolute certainty that whatever these proposals contain, the next ones will contain more.
The putative reasons given for these proposals are the usual Four Horseman of the Infocalypse: terrorists, pedophiles, drug dealers, and money launderers. One would think, given the hysteria being whipped up by the proponents of these bills, that one could hardly walk down the street without being offered raw heroin by a grenade-throwing child pornographer carrying currency from 19 different countries.
Of course, everyone who’s actually studied terrorists, pedophiles, drug dealers and money launderers in the context of telecommunications knows full well that nothing in these bills will actually help deal with them. The very bad people who are seriously into these pursuits are not stupid, and they’re not naive: they use firewalls, encryption, and tunneling. They use strong operating systems and robust application software. They use rigorous procedures guided by a strong sense of self-preservation and appropriate paranoia. They’re not very likely to be caught by any of the measures in these bills because they’ll (a) read the text and (b) evade the enumerated measures.
Yes, there are occasional exceptions: every now and then, a clueless newbie or a careless dilettante turns up when they’re caught. And of course when that happens, there’s always a press conference announcing the event, and many claims that it’s a “major blow against crime” and a flood of self-congratulatory press releases. But it doesn’t mean anything, except that someone was either stupid…or careless…or was set up.
The unpleasant reality that these bills are trying to avoid is that catching very bad people requires diligence, patience, expertise and intelligence, aka “competent police work.” There’s no substitute and there are no shortcuts. This means that these bills will achieve very few of their stated goals; that is, the benefit to society from them will be minimal, if any.
But what about the cost?
I don’t mean the financial cost, although that will be high — much higher than those proposing such legislation are prepared to admit; I mean the cost to society as a whole.
If such legislation passes, then everyone will know that every ISP is building a database — a highly useful database for very bad people. It’s the sort of thing that some very bad people have been trying to construct for years, often at considerable expense and effort. How very nice of someone else to build it for them, saving them the cost and trouble — because they, and/or their agents, will of course target it for acquisition. And given the parade of security breaches and dataloss incidents we see on a daily basis, it’s certain they’ll get it. (My bet is that they’ll get it before it’s even finished. Any takers?)
There’s an old military saying — a bit of inter-service trash talk: “The Air Force builds weapons; the Navy builds targets”.
Politicians who propose such measures appear to be thinking that they’re building a weapon — a weapon that law enforcement agencies can use to pursue people who’ve committed, or are suspected of committing, crimes. But they’re not. They’re building a target. They’re building the mother lode for stalkers, pedophiles, spammers, identity thieves, child pornographers, blackmailers, extortionists, and yes — terrorists. A Techdirt story just a few days ago gave some rather creepy examples of what Target’s data mining can do…and they’re just trying to sell you stuff. Imagine what very bad people are capable of, given far richer data and the rather obvious inclination to break the law at will.
Read more . . .
Bookmark this page for “Internet Spying Laws” and check back regularly as these articles update on a very frequent basis. The view is set to “news”. Try clicking on “video” and “2” for more articles.