I’ve been sent a certain news piece many, many times over the last few days and the story has appeared in various guises such as ZDNet’s London police charge man with terrorism over use of encryption. This has led to some degree of hysteria and much concern about the proverbial encryption sky falling:
“Hey, did you see you can be arrested now for using encryption?!”
“Aren’t you worried you could go to jail for serving your blog over HTTPS?!”
Outrage! But then again, there’s a lot of people on the web that like expressing outrage at the first opportunity and were their interpretation to be true, then it would genuinely be outrageous. But this is merely a case of selective interpretation and it’s not the first time we’ve seen it either.
Last year there was similar mind-losing after headlines such as Even Learning About Encryption In Australia Will Soon Be Illegal. People were honestly asking me if I feared prosecution for running workshops that teach software developers how to use HTTPS. I mean the headline says I’m going to be heading for trouble if I actively help people secure their communications, right? Yet as of this moment I remain on the loose, as does every single other Aussie who has done nothing more than teach people how to use encryption for legitimate purposes.
The thing with both these cases is that once “terrorism” gets thrown into the mix with absolutely anything, common sense seems to go out the window. You could present terrorism in the context of poetry and someone would claim there’s a law now banning it and others would decry its demise but as with encryption, this would be a very selective interpretation of the law. But of course encryption also does play an active role and helping to facilitate illegal activities (amongst its many other legitimate uses), so it shouldn’t be entirely surprising that it’s going to come under scrutiny when someone’s using it as part of a sinister plot.
There’s a great statement in that ZDNet story from a human rights lawyer which says:
"Section 5 can criminalize acts that, on their own, would be completely legal - if prosecutors can show that the end purpose of those acts might be terrorism”
So hang on – if you’re setting out to achieve a terrorism end, the things you do to help you reign terror down upon the people may be illegal? Who'd have thought it…
And this is really the point with all the fearmongering about encryption – it’s what you intend to do with it, not the fact that you’re using it. We could extend that rationale to all sorts of everyday things such as chemical, knives and even motor vehicles. All of these have been used for terrorist acts yet we all happily use them day in and day out without fear of prosecution, just as we all use encryption in our everyday lives.
When a headline looks sensationalist, it deserves reading beyond the big text and actually drawing some common sense conclusions. Wake me when a garden variety blogger is charged for serving it over HTTPS.