From the Guardian:
(Cameron’s proposal went down) poorly. Security expert Graham Cluley said Cameron was in“cloud cuckoo land”, and tech start-ups said they would have to abandon the UK if his suggestions came to pass… (hint: that’s Eris Industries they’re talking about)
Perhaps unsurprisingly, Downing Street scrambled to back-pedal the comments. Guy Levin, the head of tech lobbying group Coadec, said he’d been told by Number 10 “that [the Prime Minister’s] comments are not about banning encryption.” Instead, he was told the remarks were about application of two existing laws, the Data Retention and Investigatory Powers Act (Dripa) and the Regulation of Investigatory Powers Act (Ripa), “and finding a way to work with [internet companies] to deliver on them.”
As I put it on Radio 5 (an approximation of my remarks from memory as I’m typing this in a conference hall):
With all due respect to (David Cameron’s supporters, they’re) drinking the government’s kool-aid. The government claims that 25% to 40% of the requests for data they’ve made over the last year (under recent communications intercept legislation) have resulted in lives being saved. Considering they made 30,000 requests, this means that they saved 15,000 lives (note: I know this is 50%, it was an approximation and I was chatting on the fly) meaning that somehow this surveillance has magically reduced the United Kingdom’s murder rate by 2,000%. Which is clearly absurd.
Math for the win. The UK’s historic murder count is about 630 per annum, give or take. (30,000 x 0.4) = 12,000 = (630 x 19.04). So, a 1,904% reduction, assuming both the maximum figure the government quoted and the minimum figure for life saved per intercept (one). This is clearly bullshit. Murder continues to tick over at a reliable 630ish incidents per year; the government’s statements on the matter simply cannot be true unless society has become an order of magnitude (and then some) more violent without anybody noticing.
If I might venture a further thought, it means very few (if any) lives are being saved by the extensive security apparatus to which we are all subject.
I continued:
They don’t need this surveillance. It’s completely unjustified. They’re making up statistics and pulling them out of thin air. The fact remains that if this is passed there will be a mass exodus of tech companies from the UK. We will move somewhere else, carry on doing what we’re doing in exactly the same way we do today, British people will continue having access to it, and we won’t give a damn what the UK (government) thinks, because we’ll be headquartered somewhere else outside of the country.
If there were any indication that the terrorists in France, or indeed those in 9/11, had used encryption to carry out their attacks, which they did not, maybe I’d agree (with David Cameron’s) position. The fact is that encryption protects ordinary people, not criminals and terrorists. It should remain entirely free and legal.
Considering we’re about building truly private and secure communications and transactional systems, rest assured we’ll be happy to give you a hard time about any further legislation on this matter.
In a very friendly-cuddly-marmot sort of way, naturally.
I no difficulty believing the spurious nature of government claims on the necessity and effectiveness of intercept evidence obtained through authoritarian legislation, however I don’t think its a reasonable to assume that the mininum number of lives saved per intercept is 1.
It seems quite resonable that several hundred intercept requests might in aggregate result in a single piece of ‘actionable intelligence’ that may be argued to have saved a single life; this is a weak statement. If the requests were somehow completely independent (wrt savable lives) then your argument might hold, but that doesn’t seem to be the case.
I think the bullshit in the statement is instead its irrefutability and vagueness; how long a chain of events, or how tagential a connection do you admit between a piece of intercept intelligence and the notional saving of a life to qualify for inclusion in this category? Also how inevitable was the loss of life, given that once a plot has been ‘foiled’ we can never know how close to fruition it was?