Dear Mr. Djanogly,
Having written to MPs in the past — even to those whom are more closely aligned with my views — I am not confident that this letter will be met with anything more than token acknowledgement, platitude or unwavering adherence to your party rhetoric. Indeed, I am so disenchanted with our oligarchic system, that I’m sure that even if I am able to persuade you of my argument, when it comes to legislature, you will submit to the whip. That notwithstanding, I have increasingly grave concerns over the direction in which government policy on data and communication security is taking, such that remaining silent is no longer an option.
I didn’t vote Conservative in the recent general election and my convictions are probably unrepresentative of the 36% of the Huntingdonshire constituency that won you your seat. That said, as a senior software developer for a world-class scientific institute, having a background in mathematics, a working knowledge of cryptographic engineering and being a member of the Open Rights Group, I at least consider myself to be well-informed on the subject.
As you yourself are someone of professional legal standing, I would hope that the policies being put forward at least give you pause. How, for example, is this recent dystopian quote from David Cameron even reasonable, let alone justifiable?
For too long, we have been a passively tolerant society, saying to our citizens: as long as you obey the law, we will leave you alone.
Your manifesto calls for:
- New communications data legislature — the so called “Snooper’s Charter”, which has been repeatedly dismissed by the House of Lords for being too sweeping and lacking in objective consultation — which was announced by Theresa May within hours of the election result. The proposed bill increases the remit of the Regulation of Investigatory Powers Act and, along with last year’s rushed and heedless Data Retention and Investigatory Powers Act, legitimises the broad, warrantless surveillance of citizens, exposed by Edward Snowden, by GCHQ and other signal intelligence agencies around the world. It enables draconian powers, without check, that could be used to silence freedom of speech arbitrarily. At the very least, it is an expensive system that, by its very nature, probably won’t work that well, is open to abuse and provides no guarantees for the people it’s trying to protect.
The scrapping of the Human Rights Act, which surmounts to the dissolution of habeas corpus. Whatever happened to “checks and balances” or the presumption of innocence until proven otherwise by due process? This — as with everything in the politics of fear — is aimed at “extremism”, but how is this defined and what’s to stop the corruption of this definition at the whim and convenience of whomsoever happens to be in power?
Censorship, blocking and restriction of certain online content, when the UN has, in 2011, described Internet access as a human right. What gives anyone the moral authority to deem things inappropriate? How can such a system be justified when it demonstrably blocks false-positives (e.g., when the recently mandated adult content filter blocked charities who help those struggling with sexual abuse)? When did North Korea become the model to emulate?
Moreover, there have been repeated calls for the weakening of cryptographic systems (e.g., using “backdoors” or key escrow) from government, security and law-enforcement agencies. However, any cryptanalyst will tell you that weakened security is broken security. Imagine, for example, that every lock were made to accept two keys — your own and a master key, for the authorities — how long do you think it would take before that master key was reverse engineered? I predict it would be a matter of hours. Cryptography is more complex, but the principle is the same and not without precedent (e.g., the breaking of the CSS key used by DVDs).
While you may be able to legislate that commercial security products can be compromised, given that open cryptography algorithms won’t (or even “can’t”) be jeopardised in such a way, does this imply that they will be outlawed in the UK? An outlaw on an algorithm is an outlaw on thought itself. Again, quoting a recent statement from the UN:
Encryption and anonymity, and the security concepts behind them, provide the privacy and security necessary for the exercise of the right to freedom of opinion and expression in the digital age. Such security may be essential for the exercise of other rights, including economic rights, privacy, due process, freedom of peaceful assembly and association, and the right to life and bodily integrity.
I appreciate the need for security, but omnipresent state surveillance is not the solution. This just breeds an air of distrust and erodes whatever cohesion that still exists within society. As Benjamin Franklin is often quoted:
Those who would give up essential liberty, to purchase a little temporary safety, deserve neither liberty nor safety.
The trite argument of having nothing to fear if you have nothing to hide is spurious. No one lives their life entirely in the open, for the whole world to see, and for good reason. Whatever a person’s intent — malign or inconsequential — their trust must be earnt. A government is no more implicitly trustworthy than any other entity and if one is suspected of a crime, then their privacy may only be surrendered by judicial warrant.
To be perfectly clear, I don’t condone violence or hatred, but the freedom of the many is of far greater importance than the threat posed by the few.
At a time when our environment is on the brink, rather than control in the (false) name of security, a much higher priority is the husbandry of our home. As for governance, it seems clear to me that the promotion of cultural pluralism, to combat the growth of a sectarian society, economic diversity outside the realm of the financial industry (e.g., investment in science and technology) and advocacy of critical thinking over the rise of propaganda and misinformation should be your greatest concerns. Of course, it’s harder to govern an opinionated and emancipated electorate, but your interests should be that of the people, not of yourselves or your benefactors.
In the meantime, I for one will be taking steps to secure my digital footprint — using strong cryptography wherever possible, hosting data in digital havens such as Iceland, etc. — and will actively encourage others to follow suit. I hope that will not brand me as an extremist!
P.S., I have taken the liberty of publishing this letter openly on my website. I invite you to respond, therein. Otherwise, unless you explicitly forbid it, I shall faithfully publish any written response I receive from you there.