16 December 2013

The rise and rise of data encryption for everyone

Years ago, I came across stories of a government-backed scheme to monitor communications traffic. This project was established by the USA, UK, Canadian, Australian and New Zealand governments (“Five Eyes”) to monitor phone calls, faxes, emails, etc., on a worldwide basis. “Ah”, you might say, “I’ve read about the NSA monitoring in the recent news”. I’m not talking about that; I’m describing Project ECHELON, which was set up in the 1960s as part of the Cold War.

By the end of the 20th century, this system had evolved beyond its military and diplomatic origins to become "a global system for the interception of private and commercial communications" (according to a European Parliamentary report). In 2001, the EU Committee investigating ECHELON recommended to the European Parliament that EU citizens routinely use encryption in their communications to protect privacy - to counter economic espionage conducted by US intelligence services via ECHELON.

So, when the disclosures by a former NSA contractor began to be revealed by the press in 2013, it was not exactly “new” news - at least to people who knew about ECHELON. Because of the way the disclosures have been made and the major increase in on-line communication during the 21st century, a huge public debate has started about how governments spy on their citizens and other people worldwide.

Edward Snowden, the NSA leaker, has been called variously: a hero; a patriot; a whistleblower; a traitor; and a dissident. Which moniker applies depends upon your point of view. Should we expect our emails to be private, or should the government be allowed to check (in secret) for “threats to national security”?

A lot of people believe that, while they have nothing to hide, they have a fundamental right to privacy. In line with the recommendation made back in 2001 by that EU report, many have resorted to using encryption to keep the contents of their online communications private. What exactly does it mean to encrypt email?

If you know your World War 2 history, you will have heard of the Enigma machines used by the German military to keep their communications secret. Messages were coded via a complicated mechanism and broadcast to the recipient, who would use the same type of machine to decode the message. The coding/decoding method changed regularly by means of new “keycodes”. It took the Allied forces a long time, but they eventually managed to break the Enigma coding system and read the secret messages.

The same idea is used today. An email is passed through encryption software and then the coded message is mailed. The recipient uses a decoding version of the software to decrypt (unscramble) the message and read it. There are several types of encryption, some involving ever longer or more complex keycodes. However, as the sophistication of such software has increased, you can be sure that the capabilities of the NSA, GCHQ and other services have also increased, as has the legal backing for their actions.

The Lavabit email service tried to provide secure email by automatically encrypting all email sent through its servers. Lavabit decided to close down in August 2013 after the US Government ordered it to hand over its SSL private key (which opened all email to official scrutiny).


Encryption is being used more widely. You can keep your secrets away from most people. It just makes the security services work a tiny bit harder to read your data if they choose to. You can’t (yet) keep things secret from THEM.