Ever since the Edward Snowden allegations the world has been up in arms about what governments, and especially their security and intelligence agencies, do or can do about information gathering. Snowden’s releases have convinced many that Big Brother is alive and well and that our privacy is gravely threatened. It is all too easy, say those in his camp, for regimes to learn everything about you and in the end there is no place to hide.
(Side note: I worked in intelligence, including signals intelligence or SIGINT, for over thirty years and hence I am biased, but this debate strikes me as a little inconsistent. Many of those complaining of government snooping are all too ready to leave their FaceBook privacy settings open so all the world can see what they are up to, or allow companies to place cookies on their computer so all their online activity can be monitored)
The latest brouhaha is the request by the FBI to have Apple unlock the I-phone of San Bernardino terrorist Syed Rizwan Farook so that the Bureau can get a better idea of his contacts and possible future attacks. Apple chief Tim Cook has so far refused to comply, citing possible add-on implications for his products’ security and customer privacy (see story here).
I must confess that I am a little confused at Apple’s response. Farook is dead. He committed a significant terrorist attack with his wife. There may be information on that phone that could help authorities identify other terrorists and thwart future attacks. So, what is the issue?
Apple implies that if it says yes this time the security and trustworthiness of its phones will be compromised. This is the “slippery slope” argument. I have a confession: I HATE slippery slope arguments because they are sloppy and seldom well argued (maybe they should be called “slippery sloppy” arguments). The FBI has already stated that this matter is a one-off. Should similar circumstances arise, the Bureau could make an analogous request. I don’t see this as a demand for a back door into all phones.
People are funny. They expect – no they DEMAND – that their governments identify and neutralise all terrorism and yet they balk at providing the agencies tasked with doing so the tools they need to succeed. This is the same as eating your cake and having it too (NB that is apparently the original phrasing for that axiom).
In an recent op-ed piece, two former senior CSIS officials, Luc Portelance and Ray Boisvert (full disclosure: both men are friends of mine) put this dilemma nicely: I want to quote from their article (you can see the whole thing here)
“In a globalized threat environment, security agencies are often stymied in their investigations due to evolving Internet and encryption technologies. The problem of threat actors “going dark” is a serious and legitimate concern that must be addressed with the same vigour that is dedicated to protecting the privacy of our citizens. Although discomforting to some, we must engage in a balanced examination of the need for some form of lawful access that ensures precisely targeted interception of communications within a strict legal framework.”
This is well framed and should be considered. We need a dialogue on what we are willing to accept when it comes to our law enforcement agencies’ and security services’ mandates and capabilities.
We cannot expect to be kept safe without making small concessions to privacy. The world does not work that way. Think carefully about what kind of society you want: the choice is not between one with ultimate personal secrecy and one with ubiquitous terrorism and crime. There is a reasonable middle ground – let us take it.