Don’t Trade Your Privacy for Nothing

| Analysis

iSpyWe all feel it, the siren call of increased security so we can prevent another horrific terror attack. In France, in Britain, throughout Europe, in the U.S., in every country opposed to extremist Islamists, we feel that call. But we must resist the urge to throw privacy out the window in the name of fighting terrorism because we will get nothing in return.

Governments and intelligence agencies charged with protecting us are already on edge because of encryption built into iOS, Android, and even individual chat apps, and it's a sure thing that some of those governments will use the Paris attacks to push legislation mandating back doors into encryption systems or simply outlawing encrypted communications entirely.

That march has already started. The role of encrypted communications is being increasingly identified as one of the ways these attacks went undetected while being planned and executed. Pundits are criticizing encryption and blaming Edward Snowden for exposing mass surveillance programs in the U.S. Mainstream news outlets on TV, print, and the Internet have speculated frequently on the idea that encrypted communications allowed the terrorists to operate undetected.

In a press conference on Monday, U.S. Attorney General Loretta Lynch said, "We are pursuing a number of options, we're in discussions with industry looking for ways in which they can lawfully provide us with information while still preserving privacy."

The fly in that ointment is that it's impossible to have those two things together. "Lawfully providing information" and "preserving privacy" are incompatible in the real world.

We saw similar rhetoric used to pass the PATRIOT Act in the U.S. in the wake of 9/11, and I've little doubt misguided and uneducated politicians will try to use the Paris attacks to fuel a new onslaught on encryption.

Same as it ever was

We at The Mac Observer have written and spoken extensively on this issue. A back door open to one is available to all. It's why Apple built end-user encryption into iMessage and other aspects of iOS and OS X, and it's why so many chat apps and other communications platforms have done the same thing. To have security from criminal organizations and foreign governments who want to steal our data, we must have security from everyone, even our own protectors.

In addition to the infeasibility of back doors, end-user encryption is here to stay and relatively easy to implement. If Apple, Google, Facebook, and all the other major tech companies were to eliminate end-user encryption today, terrorists and criminal organizations alike could easily move to home-grown communications tools that give them all the privacy they want while leaving we, the people, exposed to every malicious player on the planet.

As Dave Hamilton noted during Monday's TMO's Daily Observations, only nerds and criminals would have privacy.

Do not mistake my message. It is terrible that enemies are able to use mainstream encrypted communications platforms to plan and execute their horrific deeds, but exposing all of us to the many other bad actors eager to steal our identities, banking information, and other data won't stop the terrorists.

The knee-jerk response we are seeing from those whose biggest desire is to protect us is understandable. But we must be diligent because we will get nothing in return if we trade away our privacy in the illusory pursuit of security. The terrorists of the world, the criminals, will easily find ways to communicate privately while we will be left exposed.

Popular TMO Stories



“ every country opposed to extremist Islamists…”

Is there a reason you mentioned only extremist Islamists?


“Is there a reason you mentioned only extremist Islamists” because it’s the biggest boogyman that can be found right now.


WWII was fought to put an end to fascism, and today fascism is stronger than ever. Wars can not be won and there will always be new and different enemies to kill. Freedom has a price and we must protect our rights.


It’s a time-honored tradition, particularly in the US, after a one-off horrific event, to pass legislation that harms everyone’s rights, costs a fortune and actually does little or nothing to prevent a reoccurrence of said one-off event.


“Is there a reason…”
Extreme Islamists are not the only reason governments want access to our communications. They want to uncover any terror plot no matter the motivation. But don’t let that lull you into viewing all terrorists equally because their motivations separate them. The 15 minutes of fame of the deranged mass murderer is not the same goal as the polical terrorists. Both of those don’t have the same goal as the religious terrorist.

The goal of Islamic extremists is a threat to the lives and freedoms of every person on earth. That threat is greater than any other terrorist motivation.

Having said that; I still don’t want governments to have unfettered access to our communications.


misguided and uneducated politicians

Syn: Corrupt

Today it’s self styled Jihadists. But I’m old enough to remember when peaceful religious groups, studentr political groups, and pacifist environmental groups were all classified as “terrorists” and “extremists” because they opposed a war, a project, or a policy that someone in power supported.

Today there is an acute threat from ISIS and the idiots that support it on both sides of the Atlantic. Over time though there is far more threat for unfettered governments, police acting with impunity, and a cowed populace. In the long run those will kill more people and cause more ruin.


Pundits are criticizing encryption and blaming Edward Snowden

When the company I worked for joined BITNET I can clearly remember the system administrators talking about how the NSA was reading everything on the network. Even then, they knew that the Government was watching. Scanning e-mails for keywords and otherwise snooping on traffic.

In my opinion Snowden should pay for what he revealed, not how it was gathered. (for much of what he revealed was operational and not gathered!)


In my opinion Snowden should pay for what he revealed,

He should get what he diserves. I think a lifetime stipend, a heart felt thank you from the free people of the world, and his face on Mt. Rushmore would be fair.


It’s simple. If the lazy politicians want to buy votes with their faux security mentality by going up against the big mean Apple who wants to burn your children and gun down and blow up your family, they will pursue this circus.
When that happens, those who care about their privacy will go to wonderful web pages like where they will be able to find a long list of encrypted communications services that operate outside the boundaries of the US and UK governments.
Just like the terrorizers and baby-rapers do now. And you’ll be none the safer. You’ll just be a criminal, too.


Salient points from everyone. If people are intent on hiding, they will find a way to hide. Leaving the rest of us who have done no wrong twisting in the wind of compromised personal rights is NOT a solution.

Lee Dronick

I still don’t want governments to have unfettered access to our communications.

I am fine with them having fettered access and if the information from that “warrants” it then they dig deeper. There probably isn’t a human looking at the initial stuff, software is looking for things to flag that an agent should examine. As to where a terrorist may originate, their nationality and homeland, let us take a look at some:

Timothy McVeigh - Indiana
Terry Nichols - Michigan
Eric Rudolph - Florida
Adam Lanza - New Hampshire
James Holmes - California
Wade Michael Page - Wisconsin

The point is that enemies may be foreign or domestic.



Here’s a list of what your foreign enemies have been up to recently, Lee -

13 Nov - Paris, France Gunmen and suicide bombers kill at least 129 people.
12 Nov - Beirut, Lebanon Suicide bombers kill at least 43 people.
31 Oct - Sharm el-Sheikh, Egypt Plane crashes killing all 224 on board. Russia says a bomb caused the crash and an IS affiliate says it was responsible.
10 Oct - Ankara, Turkey Suicide bombers kill 102 people at peace rally. Turkey blames IS, but no group claims the attack.
20 Jul - Suruc, Turkey Suicide bomber kills 33 people.
26 Jun - Sousse, Tunisia Gunman kills 38 people, mostly British tourists.
26 Jun - Kuwait City, Kuwait Suicide attack kills at least 27 people.
22 May - Qatif, Saudi Arabia Two suicide bombs kill at least 21 people.
21 Mar - Sanaa, Yemen Suicide bombings kill at least 137 people.
18 Mar - Tunis, Tunisia Gunmen kill 19 people, mostly foreign tourists
I value privacy too.  But this carnage has to be stopped. I wish I could be as sure as you Bryan that we would “gain nothing” .  My problem is I don’t know how much of an advantage, if any,  the bad guys have that can be directly ascribed to the use of encryption.  Does anyone know?

Lee Dronick

My problem is I don’t know how much of an advantage, if any,  the bad guys have that can be directly ascribed to the use of encryption.  Does anyone know?

Time, date, and location of the target. The number of attackers, disguises to be used (if any). Rally points, safe houses.

I have seen reports that they may have used the encrypted communication features of game consoles.


Lee, So it’s difficult to see how we would gain nothing from allowing properly authorized access to the encrypted communications of suspects..  Which means we risk losing our own privacy to the bad guys;  but then we are risking a lot now using the Internet for online banking and so on.  Pity we can’t prove our identity online in the same way we can prove it in person to a bank teller or policeman.


I don’t think the “bad guys” should be the tail that wags the dog, period. Snowden is a friggin’ hero.  OTOH, all the intelligence on earth didn’t prevent a handful of guys with box cutters from a very successful raid on the USA that we still suffer from today; and the warnings were there, the messages flowed, the flight lessons continued. Sourcing data is one thing; acting on it is another. Another trillion bucks to the Military Industrial Complex is just inane as those handful of guys proved, of course the republican pukes of this country would tell you otherwise. We need intelligence as in smarts, not kneejerk dogma.


This from the BBC - How does IS communicate securely?


I like the fact the group Anonymous has already shut down a whole bunch of DASH’ Twitter accounts. This means at least a few of DASH aren’t that smart.  Of course Stuxnet was Israel doing their usual illegal attacks and I presume a little more sophisticated than what the average DASH member could pull off.

Scott B in DC

“As Dave Hamilton noted during Monday’s TMO’s Daily Observations, only nerds and criminals would have privacy.”

Sorry… I don’t listen to TMO’s Daily Observations (too many podcasts already and I’m 4 behind in MGG)... but I really hope Dave was being sarcastic!


Does any government have the right to open my letters and read them? not unless its a totalitarian state. Does any spook agency have the ongoing right to scan electronic communications including the content?...
Whats the difference?  none.  If I want to send information that anybody COULD read, I send a postcard.  If I want to send a private letter I could put it in two sealed envelopes, and then use a private code. But is the information revealed worth the effort?

Full blown monitoring on all electronic communications simply monitors the unsuspecting and so called ‘free’ electorates WHO PAY for the privilege of being spied on.
The ‘free’ have given up the right of privacy in the name of ‘security’ to catch the few who are hell bent on mayhem.

Those who have something to hide will revert to non electronic means - carrier pigeons, microdots, letters.

Once you have given up your right to freedom and privacy to a government, any government, your freedom and privacy is gone, forever. Pandora’s box is open.

Encryption is just a tool to delay reading of a private message, encryption can be broken if you have enough clues and a big enough hammer, the spooks are being lazy and going after the low hanging fruit, by which time the terrorist has chosen another method of communication.

Lee Dronick

This from the BBC - How does IS communicate securely?

Sounds like a good opportunity for an intelligence agency to create and market their own app that has a back door in it.

John Dingler, artist

A nation’s National Security Apparatus always feels deprived when it is denied complete, continuous, warrantless access to people’s data and whereabouts. It never blames itself for its own incompetence: The US’s blamed 9/11 on the US Constitution. The French’s blamed 11/6 on Snowden. Both responses are fiscally and emotionally irrational.

And it whines, scowls, and gesticulates wildly when it is not allocated a nation’s total budget for that year, it seems. For the NSA, the best way to protect itself from criticism that it has failed its security needs would be to limit Americans to their homes and force them to not use any personal social media. Only gov. TV and only bugged cars used to go shopping and to work. Do not think. Do not debate. Toe the line. This seems to be the growing vision of the NSA and any other militia, military, security, and police force.


@Lancashire-Witch: The problem with encryption is that you cannot stop it. The grandad of unbreakable encryption, RSA, is very nicely described in Donald Knuth’s “The Art of Computer Programming” in the 1980 edition. The maths was exciting and new back then, but today I can explain how it works and how to implement it to any talented high school student in two hours. And in a few days they can write some computer software that implements it.

It wouldn’t be anywhere as efficient as the algorithms that are used today for encryption (that’s why RSA is only used in practice for encrypting and decrypting encryption keys for other, faster algorithms), but it is perfectly feasible to encrypt reasonably large amounts of data with RSA only. And nobody in the world can crack it.

In the 1930’s, the Germans developed the “Enigma” encryption machine. Its encryption was broken. It had three wheels with 26 possible positions each plus a lot of other features, and it was broken by guessing parts of messages, by mathematically removing the need to crack the other features, and then trying the 26 x 26 x 26 possible settings. Today, anyone with the freely available description of the Enigma machine could easily write a program that simulates an Enigma with 100 wheels with 1000 possible positions each. And guess what: There is nothing on earth that could crack it.

So if our governments want backdoors that allow them to read messages that are exchanged with standard software that are available to any user of a popular phone, and make it illegal to use any other encryption software, that would only compromise the security of law abiding citizens. Criminals and terrorists wouldn’t be affected, since nobody can stop them from creating their own unbreakable encryption.


And this from The Guardian -

@gnasher. I’ve never advocated back doors or unfettered access to communications.

The problem is exemplified by the link above.  We are not trying to locate the “lone nut with a gun” in a population of millions and therefore need access to everyone’s communications.  We are trying to identify the most immediate global threat that could materialise from a handful of people who belong to a group of hundreds of thousands. Getting it wrong costs lives.  So I can understand why some security experts claim that encryption gets in the way of quickly analyzing all the data and risks.
If encryption was illegal how much difference would it make to global security? How many lives would it save?  Who knows! 
How much difference would it make to privacy and personal property security? A lot!

Log in to comment (TMO, Twitter or Facebook) or Register for a TMO account