This event has been cancelled
Ross Anderson - Crypto War 3 – The DMA, Chatcontrol and now Patchcontrol?
Host
David Clark
CSAIL MIT
Abstract:
The intelligence and law-enforcement communities have been tussling with industry for over thirty years to limit the use of strong cryptography. In Crypto War 1, the Clinton administration pushed the Clipper chip, export keylengths and 'trusted third parties'. After 9/11, illegal wiretapping programs extended to large-scale intercept at mail servers; Ed Snowden exposed this in 2013. Industry fought back with end-to-end encryption, which the agencies are now working to undermine using a variety of strategies. In this third crypto war, the weapons are mandated interoperability of messaging systems; client-side scanning and other mandated "safety" tech; and even a power to demand official approval for security enhancements and bug fixes. I will describe how these tussles have been working out in the EU and the UK.
Population-scale text scanning cannot be effective for the claimed purposes, as the false alarms would swamp the police. It could also not be legal as it would contravene the European courts' ban on bulk surveillance without warrant or suspicion. And crimes of violence against children mostly occur in the family. They are associated with violent crime against women and with misogyny in general. Both require an entirely different and local response involving police, social workers, teachers, and family members. And the most effective means of detecting abuse online is by making it easier for users to report it.
Bio:
Ross Anderson is Professor of Security Engineering at the universities of Cambridge and Edinburgh. He is a Fellow of the Royal Society and the Royal Academy of Engineering, and won the Lovelace Medal, Britain's top award in computing.
The intelligence and law-enforcement communities have been tussling with industry for over thirty years to limit the use of strong cryptography. In Crypto War 1, the Clinton administration pushed the Clipper chip, export keylengths and 'trusted third parties'. After 9/11, illegal wiretapping programs extended to large-scale intercept at mail servers; Ed Snowden exposed this in 2013. Industry fought back with end-to-end encryption, which the agencies are now working to undermine using a variety of strategies. In this third crypto war, the weapons are mandated interoperability of messaging systems; client-side scanning and other mandated "safety" tech; and even a power to demand official approval for security enhancements and bug fixes. I will describe how these tussles have been working out in the EU and the UK.
Population-scale text scanning cannot be effective for the claimed purposes, as the false alarms would swamp the police. It could also not be legal as it would contravene the European courts' ban on bulk surveillance without warrant or suspicion. And crimes of violence against children mostly occur in the family. They are associated with violent crime against women and with misogyny in general. Both require an entirely different and local response involving police, social workers, teachers, and family members. And the most effective means of detecting abuse online is by making it easier for users to report it.
Bio:
Ross Anderson is Professor of Security Engineering at the universities of Cambridge and Edinburgh. He is a Fellow of the Royal Society and the Royal Academy of Engineering, and won the Lovelace Medal, Britain's top award in computing.