UK Law Enforcement Is Against "3-Strikes" 134
Now that the UK is discussing plans for some form of 3-strikes regime to discourage file-sharing, TechDirt reports that the fans of due process have picked up unlikely allies: the law enforcement and spying establishments fear that a 3-strikes policy would result in far more encryption on the Net, greatly complicating their jobs. "Of course, they're not as concerned about due process and civil rights, as they are about making it more difficult to track down criminals online: 'Law enforcement groups, which include the Serious and Organized Crime Agency and the Metropolitan Police's e-crime unit, believe that more encryption will increase the costs and workload for those attempting to monitor internet traffic. ... A source involved in drafting the Bill said that the intelligence agencies, MI5 and MI6, had also voiced concerns about disconnection. "The spooks hate it," the source said.'" The Times (UK) Online has more details.
Of course... (Score:3, Insightful)
They dont want people to have any excuse to use encryption other than if you've got something to hide.
Besides.. linking terrorists to filesharers is a stretch despite how much easier it would make the UK RIAA's job.
Law enforcement isn't a US sports game (Score:5, Insightful)
Never really understood this "3 strikes and you're out" theory. Law enforcement is too complex to be modelled after the rules of a US sports game. Can somebody explain how this idiotic idea came about, the thinking behind it?
What next? You don't go to jail if you say "Simon says" before committing an offence? Police can't arrest you if you're not touching the ground when they catch up with you?
Re:UK (Score:5, Insightful)
They are not concerned for what is good for the people. They don't want the law solely because they are afraid that it will lead to citizens making use of encryption that makes it harder for them to snoop. Pure selfish interest.
Re:Law enforcement isn't a US sports game (Score:5, Insightful)
Can somebody explain how this idiotic idea came about
It comes from the music industry executives.
the thinking behind it?
There isn't any.
Well, other than the fact that taking people to court, not to mention the whole annoying thing about having to come up with evidence/proof, is too difficult. So they thought it would be a good idea if they could just bypass the legal system. All that "due process" stuff is too much trouble. It's much easier if they can just kick people off based on accusations.
Re:Soo... encryption isn't that useful to begin wi (Score:5, Insightful)
IIRC, you are required to turn over keys if asked by the government in the UK, jail time if you don't.
If they're currently trying to figure out who to ask keys from, if everyone does it, workload on figuring out what is malicious and requires them to ask everyone or figure out some way to narrow it down.
Showtime! (Score:1, Insightful)
Time to break out the popcorn and watch the private sector fascists go to war with the government fascists.
Competition in the fascism market benefits everyone. I think we can pretty much all agree we don't want any monopolies here...
Re:UK (Score:4, Insightful)
Re:Soo... encryption isn't that useful to begin wi (Score:5, Insightful)
If commerical encryption were truly unbreakable by these groups, then I'd assume that they would have outlawed their use by now.
They pretty much have. In the UK you are legally obligated to give up your keys if required.
Of course, then comes the question of how they're going to determine if the keys were the real keys... or just to the first layer... or just to the first and second layer... or...
The intelligence agencies would do well to object quite a lot; we still haven't the final mass migration to rubber hose protected encryption and f2f darknets, but it's well on the way. If three-strikes regulation becomes popular, then most of the internet will become pretty opaque to any form of snooping, and any real threats will happily tag along on the mass of ordinary citizens just out to protect their privacy from whatever lobbyist it tugging at the puppet strings of the politicians for the moment.
Re:Law enforcement isn't a US sports game (Score:3, Insightful)
Yes, the big idea of "three strikes" laws was that you were dealing with a repeat offender who wasn't at all rehabilitatable, and so the solution was to lock them up for an extended period of time. It was never completely clear if the extended period of time was to give them greater time to rehabilitate, if people were hoping that great prison sentences would serve as an increased deterrent (i.e. "I can't do anything bad because I already have 2 strikes!"), or if the idea was to get dangerous criminals off the street.
However, three-strikes laws have generally been considered failures, largely because they remove the possibility of judges using any discretion for sentencing. Arguably that was the point-- to prevent judges from being too soft on crime-- but really we have judges so that they can use their judgement on some of these very issues. You ended up with cases where a person could be sentenced to a life term in prison for a relatively minor crime, e.g. shoplifting.
Re:Soo... encryption isn't that useful to begin wi (Score:3, Insightful)
Even keyboard logging isn't a shoe-in. 90% of the time they're not also monitoring the MOUSE as well. Some programs are now using on-screen keyboards for password entry to get around keyloggers. You can also on many systems pair a key-file with your password. The keyfile needn't necessarily stay on your computer if it's easily retrievable.
For example, you could use a source file from the first release of the Linux kernel as a keyfile. It's easily remembered, and easily retrieved from tons of locations on the net, yet incredibly hard to guess.
You can also keep your encrypted media hidden in the real world. Take those little cell phone memory cards for example. They're like 1 cm squared and wafer thin, but can hold gigabytes of information. Go to your front door, remove the top hinge, and cut a tiny notch in the door behind the hinge. Stick your card there and then replace the hinge covering your little notch. Or open your VCR or game system and tape the thing on the inside of the device before reassembling. Unless they see you do it, almost no one will find that. Or worst case scenario, get a wooden box, put your card in a zip loc bag (or really several of them), and just bury the thing somewhere that you know isn't likely to be searched. Having the key is no good if they can't find the lock.
Also is the mere fact that not everything you encrypt is stuff you'll be accessing too often. I have encrypted containers that I haven't accessed in years. They'd be keylogging a LONG time before they caught me typing my password.
Re:Soo... encryption isn't that useful to begin wi (Score:3, Insightful)
My point is, no amount of encryption adds to your physical security. If they bug your ceiling, they can see you entering the password and doing all the other things you do with your computer. Hence the encryption does not make spying impossible, only a lot more expensive, geographically isolated, and more subject to the due process, as Znork (31774) points out nearby. IMHO, all the more reasons to use the end-to-end encryption as much as possible.
Re:Of course... (Score:3, Insightful)
I encrypt all my HDDs in both my laptop and my computers. With Truecrypt it is as easy as a few clicks, so really there is no reason /not/ to do it.
There are also numerous benefits. I can "wipe" the drive before selling/binning it by simply deleting the encryption key which takes seconds instead of hours for a full format. If my laptop is stolen or my house burgled then my private data will still be safe. Even my USB flash drives are protected that way.
The argument that anyone who uses encryption must have "something to hide" is totally bogus. Do people who put locks on their doors have something to hide? What about people who expect their bank statements "hidden" inside an envelope rather than on the back of a postcard? What about people who encrypt their wifi networks, thus preventing the police snooping it as part of a legitimate investigation?
Everyone has things to hide. I would challenge anyone to prove otherwise.