The appalling assault in January on the offices of satirical publication Charlie Hebdo was an assault on the notion of free speech, a point recognized by a smorgasbord of world leaders who marched through Paris proudly declaring ‘Je suis Charlie Hebdo’ (although it turns out that the well-publicized photos of leaders linking arms in solidarity were taken on a side-street, away from less exalted marchers at the biggest demonstration in France’s history).
Many of these leaders then almost immediately, and without the slightest trace of recognising the irony of the situation, went home and used the Charlie Hebdo incident as an excuse to push for stricter censorship and wider surveillance powers.
Among the worst offenders in this regard is France’s own President Francois Hollande, who not only started arresting anyone who expressed an alternative view of the events, but who promised to hold web companies who acted as ‘accomplices’ to terrorism by allowing users to post ‘hate speech’ on their servers responsible for such posts,
‘The big operators, and we know who they are, can no longer close their eyes if they are considered accomplices of what they host. We must act at the European and international level to define a legal framework so that Internet platforms which manage social media be considered responsible, and that sanctions can be taken.’
‘[The proposed law] wants to force intermediaries to “detect, using automatic processing, suspicious flows of connection data”. Internet service providers as well as platforms like Google, Facebook, Apple and Twitter would themselves have to identify suspicious behavior, according to instructions they have received, and pass the results to investigators. The text does not specify, but this could mean frequent connections to monitored pages. ‘
As TechDirt observes, the wording is worrying vague, and because no warrant is required for any of it, ‘the scope for abuse and errors will be huge.’ Even more worrying, however, is that the bill requires internet services to decrypt and monitor users’ data (effectively acting as gatekeepers to the internet), and that they hand over users’ private encryption keys to the government,
‘The Intelligence bill also addresses the obligations placed on operators and platforms “concerning the decryption of data.” More than ever, France is keen to have the [encryption] keys necessary to read intercepted conversations, even if they are protected.’
This line of reasoning closely follows that of UK Prime Minister David Cameron in his call for legislation to ensure there is no ‘safe space’ for terrorists to communicate over the internet, also made in direct response to the Charlie Hebdo attack.
Not only is any such legislation a direct assault on precisely those freedoms that the Charlie Hebdo staff died for defending (and if terrorists successfully cause our society to repeal the hard fought-for liberties that define it, then they have already won), but also leaves a big white elephant in the room – end-to-end encryption.
End-to-end encryption means that users generate and keep their own encryption keys – they are not held by any third party that can turn them over to a government or use them to decrypt customers’ data (which is why US law enforcement agencies are getting so riled up about tech companies such as Apple and Google implementing end-to-end encryption in their wildly popular products – mainly as a consequence of collapse in public trust in the companies following Edward Snowden’s revelations that they cooperated with the NSA to spy on them all).
When the French government realizes that end-to-end encryption will effectively make a joke of its shiny new legislation, it will be interesting to see its response. It could attempt to place restrictions on it or ban its use entirely, but not only would this make France one of the most draconian anti-freedom countries in the world, but in this interconnected day and age any such restrictions would almost certainly be largely ineffective. ‘Liberté, Equalité, Fraternité ?