UN Telecom Chief Urges Blackberry Data Sharing 196
crimeandpunishment writes "The top man in telecommunications at the United Nations is weighing in on the Blackberry battle ... and he says share the data. The UN's telecom chief says governments have legitimate security concerns, and Research in Motion should give them access to its customer data. In an interview with the Associated Press, Hamadoun Toure said 'There is a need for cooperation between governments and the private sector on security issues.'"
I think I speak for all of us... (Score:5, Insightful)
I think I speak for all of us, when I say: FUCK THE UN!!!
Next... (Score:2, Insightful)
Who needs privacy? (Score:4, Insightful)
Governments need to feel secure. Secure from attacks by foreign nations. Secure from attacks by its own citizens. Governments need all information about anyone they consider a threat. Getting all your information might be considered a breach of your privacy, but it's a safety blanket for the government. Oh, and remember, if you're not with the government, you must be a terrorist.
Enjoy!
Re:I think I speak for all of us... (Score:2, Insightful)
You think wrong. The UN does much good, even though this ain't good.
Re:I can see this, kinda... (Score:3, Insightful)
Re:I think I speak for all of us... (Score:3, Insightful)
They can sniff my BlackBerry data, but they can never make me share my S/MIME key!
Re:I think I speak for all of us... (Score:3, Insightful)
Re:I think I speak for all of us... (Score:5, Insightful)
Yup, and how unsafe that really is.
Any time you build a back door, you weaken security. End of story.
The "legal intercept" (aka Wire Tap) functionality on phone switches was used, rather recently, in Athens, by an unknown party, to tap the lines of a number of non profit group leaders, and government officials. It was only discovered after it had been in operation for a while, and was discovered entirely by accident.
http://spectrum.ieee.org/telecom/security/the-athens-affair/0 [ieee.org]
That said, I really don't see where governments have such legitimate cases for wiretapping. I mean, sure, I can see their case for wanting to tap, or having cause to tap, certain individuals. However, I don't see how that need translates into a need to force the entire infrastructure to be designed such that they can do it.
Whats the REAL damage of them not being able to do this when they have a case for it? Some criminals get away? Some are harder to catch and require more work? So what? I don't see how that need should usurp the entire populations security for the occasional need to tap someones phone.
I know we can dream up all sorts of fanciful scenarios where they might need it.... but imagination land can justify many many things... and movie plots threats do not make for good public policy (as evidenced by the TSA)
-Steve
Cooperate on Protection From Governments / Private (Score:3, Insightful)
Yes, there is a need for cooperation between governments and the private sector to protect the people's privacy from invasion by either government or private sector entities. These security issues are far more common, urgent and important than any need for the government or private sector to invade our privacy. And without due process, like evidence/argument/decision in a legitimate court, neither government nor private sector has any "security" interest that should see cooperation by anyone, including people in the government or private sector.
Re:Who do you trust more? (Score:4, Insightful)
Someone is going to be deciding what to do with your data here, either the individual companies or the government.
Not really a fair way of looking at it. Even if I trust the government more, this isn't an "either" situation. The company has to have access to the data in order for them to provide the service to the customer. So it's either "company has access" or it's "company and government have access". From a user's perspective, it's clearly safer to have fewer people/entities with access to their data. Hence it's preferable for the government NOT to have access.
On the other hand you're alluding to who should set the rules about data access. I certainly agree that the government is the right entity to set rules like that (the company would prefer not to have any rules, so that they can harm customers at the drop of a hat if it somehow helps their bottom line). But governments setting, and even enforcing, privacy rules doesn't mean they need unfettered access to customer data. (There are smarter ways of doing oversight.)
So, again, I'm all for companies being subject to legal regulations and oversight. But I'm also very much against companies sharing customer data with governments any more than is absolutely necessary. (Where "absolutely necessary" means some amount of transparency to enable oversight, and the occasional compliance with a valid warrant for specific data. It is most certainly not necessary for government agencies to have complete access to customer data or communications.)
Re:United "Abominartions" is more like it. (Score:1, Insightful)
There have been two applications of collective security - Korean War, and Kuwait.
I take it you don't disagree with those, since you didn't list them.
They are so few because member states don't vote for it often.
They do, though, vote for Peacekeeping operations, and there have been a LOT of them, where the "UN" was there. and by the UN, I mean member states who were willing to step up to the plate and put lives on the line to help people in other countries.
I think your problem is not with the UN, but with the member states not stepping up to the plate.
But the UN can't force them because it's NOT a world government.
Re:I think I speak for all of us... (Score:5, Insightful)
You do understand that US demands the same kind of access? I
In the case of Blackberries, they don't. From the AP article:
"Governments in the U.S. and elsewhere have largely made their peace with encryption technology. E-mails can still be obtained through legal channels, for example by obtaining a warrant to search the corporate servers of companies that use BlackBerrys."
Sure, they're sniffing where they can, which I don't3like, but they're not demanding that secure systems be broken wholesale so they can access them.
Re:Who do you trust more? (Score:3, Insightful)
If your government isn't accountable, you can replace them. If RIM, Google, or anyone else decides to abuse your data... what then?
If RIM or Google or any other company decides to abuse your data, you can stop doing business with them. If your government decides to abuse your data (like maybe punishing those who organize to try and replace it), what then?
Very well ... (Score:4, Insightful)
Re:Who do you trust more? (Score:4, Insightful)
Re:I think I speak for all of us... (Score:3, Insightful)
There is your problem. Or I should say "our" problem, or really "everyone's problem".
Keep in mind that RIM already offered the ability to process judicially authorized wire taps and act as an intermediary. That was turned down. What they are stating is a legitimate need for is completely unmonitored, honor based access to ALL data. They will monitor themselves and be responsible for protecting the privacy of their own citizens.
When that douche at the UN says "legitimate", it may not mean the same thing a citizen means. Governments use fear all the time to justify why our rights need to be set aside for the greater good, and IMO, We the People seem to rarely agree lately. Crime is one thing, when you add in vague military threats of other countries, and even more difficult threats of terrorism from groups that really have no country, you now have a situation in which the reason why our rights needs to be set aside is permanent.
For them, legitimate simply means it might possibly be used to curb crime and terrorizers. This purported legitimacy is enough to eliminate privacy at almost every level. The attempt to assuage our concerns over privacy is made with weak and flimsy arguments that the data will only be looked at by appropriate personnel and protected.
Is the protection of data by the government even really true? Not at all. It is a completely disingenuous argument, when in some cases they are actively selling the data to third parties. Private parties, such as PI's, have access to data that they should not have access to all the time. It is just a matter of skill and money. If anything, the recent event with WikiLeaks shows that the government has precious little ability to protect it's own information.
Right now, for the moment, our last line of defense is companies like RIM, and other ISPs. If they don't stand up and protect us, it's left all up to us, the people with the least amount of sophistication to do so. Like you pointed out, the Patriot Act is over the top and abusive (an understatement), and companies have caved.
When our rights are weighed against shareholder's, assets, future profits, etc., and in some cases, the freedom of the executives involved, we are deeply and truly screwed.
Probable causes and the approval of the Judicial branches of governments is largely dead. I too support reasonable situations in which somebody's rights to privacy is set aside when they are suspected in being involved in a crime. However, what RIM is showing us is that all of that is simply being bypassed by the intelligence communities (on behalf of the governments).
What I am more concerned about is the inevitable failure of the governments to gain access to the data. Most of us have already realized that we cannot trust 3rd party corporations with our security. The average consumer has not, or in the case of blissfully ignorant teenagers, or flower-child like citizens with the nothing-to-hide-nothing-to-fear, don't value privacy at all.
There are quite a number of offsite data backup corporations now that allow the user to maintain the encryption keys locally and the "ISP" in this case simply lacks the ability to turn over unencrypted data to the government.
Similarly, ZRTP, and other projects are developing that will allow users to take back their privacy by only storing encrypted data with providers and locally maintained programs, or browser plugins, decrypt the data at presentation time.
When this becomes mainstream, I fear what the government response is really going to be. China has already made it clear that it views anonymity as a threat to society and the state.
Judicial warrants have become nothing more than a relic of better times that us older citizens will look back on, and then look with sadness and concern for the younger generation.
Interesting times....