Going Dark

Going Dark refers to the loss of access to the communications of targeted individuals or corporate entities by law enforcement and national security agencies. Such loss of access is typically (and ironically) caused by strong encryption and privacy mechanisms that are becoming more widespread lately. Why, you ask? Well...

It started with Edward Snowden's 2013 leaks about a Five Eyes (Australia, Canada, New Zealand, the United Kingdom and the United States) program called MUSCULAR, under which intelligence agencies bypassed the need to obtain a warrant to collect communications data from private sector service providers, instead tapping directly into the international networks these providers used for transmitting customer communications data.

After such eye-opening revelations, it doesn't come as a surprise Internet Service Providers (ISPs) and individuals started taking cybersecurity seriously, which made the work of law enforcement and national security agencies substantially more difficult.

Hoping to win customer trust, Google, Facebook and Apple now offer End-to-End (E2E) encryption in messaging and email - and in most of their products too. Google has a particular bone to pick with the MUSCULAR, after it became known that the US government has been tapping directly into communication between Google's internal servers by physically cutting into its Transatlantic cable running at the bottom of the ocean. Google has historically been on top of privacy concerns, so the company responded by introducing E2E communication between their internal servers as well. Many other ISPs and individuals followed the charge and started offering E2E as a measure of maintaining confidentiality of communication and personal information.

Australian ex-Prime Minister Malcolm Turnbull called on telecommunication companies to ban all systems that enable E2E encryption with little success, while British Home Secretary Amber Rudd opined that “real people” don’t require E2E encryption.

RCMP Commissioner Bob Paulson said that law enforcement in Canada needs legal remedies to enable access to encrypted info. He also commented that Canadian law enforcement is lagging behind their Five Eyes counterparts when it comes to hi-tech investigative capabilities in general.

In Canada, Section 8 of the Canadian Charter of Rights and Freedoms protects against unreasonable search and seizure by government agencies. Government must obtain lawful authority prior to conducting a search - however, there is some ambiguity as to what information can be considered private by an individual, and there are many precedents where The Supreme Court has repeatedly recognized the privacy interests associated with digital info.

Certain national security agencies have suggested (and used in the past) deliberately building weaknesses - called backdoors - in strong encryption algorithms, which deserves a separate article on my part. As you can presume, this fantastic idea has at least one caveat: if the "good guys" can exploit such weaknesses, so can the cybercriminals.

So what we have on our hands is an interesting dilemma: would you rather be safe, or have privacy?

26 views0 comments

Recent Posts

See All