you're reading...
Information Security, Security

Privacy v Regulation

This is an argument that has raged for several years now – and there is not an issue say answer.

When we hear of an atrocity such as the one in London (03/Jun/2017) it is often followed by itv some statement or comment about radicalisation, possibly via the Internet.  It is true that social media platforms provides some of the oxygen that allows extremist views to propagate (that includes white bigotry, for the record).

Also, modern encryption is pretty sophisticated and, when utilised well, near impossible to crack without the original “keys”.  Excellent if you are a corporation or government sending sensitive information over public channels (Internet, postal service and so forth).  A major obstacle though if you’re in law enforcement and attempting to obtain evidence about (or even better, to prevent) a serious incident.

The social media outlets are taking steps to limit the impact of extremist views on their platforms.  This is going to take time to develop but is certainly have an effect already.  Intelligent systems are learning to identify such content and block/remove it as it is reviewed and confirmed.  Can this be done more aggressively? Absolutely but much of the Internet is controlled by a defacto policy of “freedom of speech” and any curb on that will be heavily resisted.

Encryption though if a significantly tougher nut to crack.  As has been pointed out many times, any mechanism that allows encryption to be “broken” for law enforcement allows encryption to be broken in any other circumstance.  We could no longer rely on our communications being confidential.  Once a government has such a tool all and every malicious party (extremists, hackers and fraudsters alike) will be hell-bent on finding out how that works and then all security online is lost.  They have huge resources and, if a backdoor exists, they will find it.

Perhaps the best approach is trying to understand the deep relationships and communication channels that hide amongst the vast and normal chatter online.  Perhaps here technology can be our saviour.  Perhaps we can implement systems that integrate levels of machine learning that can decipher these patterns, identifying anomalous behaviours.

But this comes with a further problem – we would all need to accept that the authorities are watching the Internet and our communication channels.  You cannot identify anomalies without monitoring, understanding and disregarding the mundane. The ordinary.

There are a huge number of complex, perhaps unanswerable questions that modern society must face and carefully weigh.

About harlekwinblog

"Thoughts of an idle mind." Information Security professional.


No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: