WELCOME to Connected Rights, your bop in the bop-shoo-bop-shoo-bop of digital rights news and analysis.
THE WAR ON ENCRYPTION has galloped over the threshold of farce in Australia, where prime minister Malcolm Turnbull has announced a surprising downgrade for the jurisdiction of mathematics.
Following the UK’s lead, the Australian government has announced that it will try forcing online communications companies to give authorities access to end-to-end encrypted communications. Attorney-general George Brandis insists that the government doesn’t want to introduce backdoors: http://ab.co/2uBvp2X. However, it does seem to think that it’s nonetheless possible for companies to provide access to communications to which they don’t hold the key.
The whole point of end-to-end encryption, of course, is that only the sender and recipient can unscramble the message. Anything else is mathematically impossible. Or is it?
“The laws of Australia prevail in Australia, I can assure you of that,” Turnbull told ZDNet on Friday. “The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia.” http://zd.net/2uHFPyE
Yes, he really said that and, somewhat incredibly, the opposition party has decided to agree with him: http://zd.net/2vB4aTm. Twitter user Nithin Britto summed things up quite well: “Can anything be more 2017?” http://bit.ly/2vhvbMa. And if you want to hear an actual mathematician explain Turnbull’s folly, here you go: http://bit.ly/2vAHlin
Meanwhile, some wag has created a web app called Brandis, which uses the end-to-end encryption technology built into everyone’s browser to generate keypairs that anyone can use to shield their communications. https://brandis.io/. The point being: you can’t stop people protecting themselves.
On the same day that Turnbull emitted his math-phobic mutterings, the UK officially notified the European Commission of its intention to force online communications providers to bypass encryption. It has to notify the Commission under EU law, because the services concerned are digital in nature: http://bit.ly/2uyrWlO.
The Commission and the EU’s other member states now have three months to consider the government’s proposed “technical capability notices” and raise any concerns they might have about potential barriers to online trade.
Also on the same day, British digital minister Matt Hancock gave a speech about boosting public trust as artificial intelligence becomes a thing: http://bit.ly/2teTqsQ. “What do we know now about what drives or harms public trust in the digital age?” he mused. “Maybe your government’s Technical Capability Notices for one,” commented Open Rights Group campaigner Ed Johnson-Williams on Twitter: http://bit.ly/2uHAwPX
And in the US, the Democratic Congressional Campaign Committee has started using the end-to-end-encrypted Wickr messaging app, to avoid the misery that followed the email hacks during last year’s election campaign: http://bzfd.it/2uEb79L. Again, math(s) is your friend, folks.
THE UK’S NEW LAW DEMANDING AGE CHECKS for users of online pornography services will go into effect in April next year, the government has announced. It’s not yet clear how this will work, though: http://bbc.in/2u4WnPv
The Open Rights Group has long been warning of the dangers inherent in such a scheme, and it’s not stopping now. “Age verification could lead to porn companies building databases of the UK’s porn habits, which could be vulnerable to Ashley Madison style hacks,” noted executive director Jim Killock. “The Government has repeatedly refused to ensure that there is a legal duty for age verification providers to protect the privacy of web users.” http://bit.ly/2vBhbfD
INTERNET-CONNECTED TOYS present serious potential threats to children’s privacy and safety. Yes, we’ve heard this before from the authorities in privacy-tastic Germany, but this time the warning is coming from the US Federal Bureau of Investigation: http://bit.ly/2t8LRnE
“Consumers should examine toy company user agreement disclosures and privacy practices, and should know where their family’s personal data is sent and stored, including if it’s sent to third-party services,” the FBI said. “Security safeguards for these toys can be overlooked in the rush to market them and to make them easy to use. Consumers should perform online research of these products for any known issues that have been identified by security researchers or in consumer reports.”
AN AMERICAN MAN WHOSE HOUSE BURNED DOWN is on trial for aggravated arson and insurance fraud, and the court is trying to figure out whether to believe his version of events. To that end, the court has decided to allow prosecutors to present evidence from the defendant’s own heart.
A cardiologist says the data readout from Ross Compton’s connected pacemaker, at the time of the fire, doesn’t show the sort of heart rate and rhythms that you’d expect to see with someone desperately trying to flee a fire that had woken him up. As CNET asks, does this mean that data from other digital health devices could be used against people in a similar way? http://cnet.co/2ujWtmY
It’s worth noting that this sort of thing isn’t entirely without precedent. Earlier this year, a Connecticut man was charged with his wife’s murder, after the movements recorded by her fitness tracker contradicted his version of events: http://nydn.us/2oEQDag
CAN YOU TRUST YOUR EYES? Depends how closely you’re looking. US researchers have developed a way to manipulate videos of people that doesn’t just put words in their mouths – the AI-based technique makes it look like the phoney words belong there. Here’s some bogus footage of Barack Obama: http://bbc.in/2uvWd4q
I guess if you look really closely, you can tell something’s not quite right. But at a cursory glance, it looks perfectly genuine. And remember, this is just a fledgling technology. It’s not hard to imagine how it could be used to terrible effect at some point down the line.