shutterstock_190449881

What Could New Encryption Laws Mean For Our Online Security?

February 24th, 2015 by

What do the proposed new encryption laws mean for the future of the ‘net? We did some research to find out…

Encryption is a part of the global landscape; the Internet wouldn’t function without it and neither would ecommerce. Outside of the need to protect your financial and personal data from criminals and snoopers, freedom of speech advocates have a long standing argument with security forces over data accessibility, so what would happen if encryption became illegal?

The Prime Minister has come forward to propose that the laws surrounding encryption methods used by online discussion outlets such as WhatsApp, Snapchat and Facebook be changed to give government anti-terrorism forces full access to our online communication.

So firstly, what is encryption?

Our sensitive data is protected within the ‘net by the process of encryption, which encodes information so that only authorised parties may have access. Complex algorithms operate across the web to restrict access to the passwords and personal details of the worldwide online community, effectively providing security against online attacks.

In the most basic sense of the word, encryption is the encoding of messages or information to ensure only those who are authorised can read it. Like the existence of secret languages that you perhaps came across in the playground, encryption serves to make sure only the people who the information is intended for are able to access it. In my school, and probably in many others, there existed a language known as ‘Avagi’: when speaking Avagi, we would tag the word itself onto each syllable (yeah, it was a lengthy speech process!).

An (arguably) more advanced and yet beautifully simplistic method of encryption is a substitution cipher. A substitution cipher does exactly what it says on the tin: units of plaintext (material to be encrypted) are substituted with ciphertext as according to an agreed system (the letter ‘a’ is substituted with the letter ‘t’, for example). The message is written in ciphertext, and decoded by the recipient, leaving the greater world none-the-wiser. The Caesar cipher is an example of a simple substitution cipher.

Response to the proposed new ruling seems split; an online outcry has expressed fears of an apocalyptic recreation of George Orwell’s 1984, with the powers that be demanding access to our every whimsical conversation. Is it possible to remove encryption from these social websites without putting our sensitive information at the risk of compromise? Last year’s great celebrity photograph hacking scandal brought fears about online security to the global press, and this proposed change to legislation is sure to continue the feelings of unrest.

Many of us rely on the security of our encrypted information, and big names in technology do their utmost to provide secure devices. For example, Apple’s iPhone 6 comes with encryption as standard, as do many Google devices. Apple can’t hand over any data from their iMessage software; they place data control in the hands of those who create it to provide a secure product and service.

Perhaps appropriately, the inability of the government to access the communications of those who pose a potential threat makes for an unnerving prospect, hence there is support in the webosphere for the changes in legislation which are expected to be proposed shortly. But what could the potential new ruling mean for the security of our sensitive information?

Answers point towards the creation of a ‘backdoor’ entrance, as it were, to devices, accessible by official bodies in cases of suspicious activity. The mere existence of such holes within encryption laws would surely invite the risk of cybercrime, a real threat in the online sphere. Encryption secures sensitive information against hackers, and yet breaches are still made. Last year, for example, eBay were forced to issue a rather embarrassing plea to their customers, imploring them to change their passwords following a huge security breach. Any man-made weakness within the encryption process would surely encourage cyberwarfare, with weakened systems becoming easier to infiltrate.

To gauge the scale on which such online attacks occur, check out this global map which documents cyberattacks as they occur in real time:

http://cybermap.kaspersky.com/

The complexities of the current legislation regarding encryption have been long disputed amongst politicians. In the 1990s the Clinton administration tried and failed to get the industry to adopt the Clipper chip which was an encryption chip built specifically for the US National Security Agency. The chip was designed to be used by hardware manufacturers to provide hardware level encryption, while also having a backdoor specifically for the NSA to snoop on whoever was using it. It was recently reported that David Cameron is in discussion with President Obama over the encryption laws which govern American mega-businesses such as Facebook Inc. who also encrypt their data as standard.

The saga continues…

What do you think? Have your say @UK2

  • Share this post

shutterstock_135288164

Transatlantic Ties That Bind

shutterstock_251416948

An Introduction To Computer Viruses

Leave a Response