back to article EU privacy watchdog calls for new controls on surveillance tech export

EU controls on the export of technologies that can be used for communications surveillance and interception should be enhanced, the European Data Protection Supervisor (EDPS) has said. EDPS Giovanni Buttarelli highlighted the risks of surveillance and interception technologies being misused (16-page / 1.12MB PDF) in a recently …

  1. Anonymous Coward
    Anonymous Coward

    Aaaaand here we go again..

    Limiting export mainly means that someone will make a LOT more money when they sell it anyway (because that WILL happen, make no mistake).

    We saw this with the Prohibition (many a US fortune was built on that), we see it with the war on drugs (which is why it takes so long to legalise some as vast profits will vanish), we saw it with export restrictions on encryption .. the list of evidence that it doesn't work is pretty long.

    Don't get me wrong, it would be really good if we could stop bad guys getting hold of tools, but the harsh reality is that if there is interest, a way will be found - remember, there's profit involved, and from what I have seen so far it strikes me that especially US companies only follow rules that get in the way of profit if getting caught is too costly - not that there aren't EU companies that do the same, but I may have a bit of confirmation bias here.

    I think it's OK That they are trying, but without means to detect anyone breaking the law (which, ironically, would require surveillance and intercept) it's a lot of noise, and extra profit for some.

    1. Chris G

      Re: Aaaaand here we go again..

      Good points made there and it is a good thing that they are at least trying to limit surveillance but, as with all technologies; if it can be done, someone somewhere is doing it. Nuclear weapons, chemical weapons, human cloning and messing around with human genes. You can bet there are labs out there illegally experimenting with all of those and more.

    2. Ole Juul

      Re: Aaaaand here we go again..

      Quite right it won't work. But, as with all laws which are ineffective for their stated purpose, I still wonder if this proposed law wouldn't be used for some other invasive purpose as well.

    3. allthecoolshortnamesweretaken

      Re: Aaaaand here we go again..

      Dual use, always tricky... still, nice to see there are still people who care and at least try to do something.

    4. Anonymous Coward
      Anonymous Coward

      Re: Aaaaand here we go again..

      On the development of such tools, the US now has given service providers the right to nearly unrestricted use of such tools to their own systems which they will naturally monetize by selling their tools to others. Another cute feature of the law allows outsourcing of monitoring and policing to whomever they choose. Could be private, could be the government, anyone really so long as they "respect" First Amendment limitation. Right.

      That's in addition to freely sharing data which whomever they choose. Lovely. The US is moving to a free-fire zone even if the only measures used will be "defensive."

  2. Anonymous Coward
    Anonymous Coward

    Can we export GCHQ instead?

    EU Limp wristed as ever. We have a bigger problem with the NON-exported surveillance tech used by our own lot against us.

    Yes I'm pointing a finger at you Donutters in Cheltenham, and also at the politicians who've done cosy deals to sell us out.

    You Donutters knew that PRISM existed, you had access to it.

    You lot knew it could access email without respecting jurisdictional boundaries.

    You know/knew there's no magic wall around Ireland.

    You found out (and likely always suspected) that the "5-eyes No spy agreement" was worthless.

    http://www.theguardian.com/world/2013/nov/20/us-uk-secret-deal-surveillance-personal-data

    And yet not only did you not encrypt Parliaments communications, and protect your governments lines of communication, you even let them move Parliamentary email into a cloud with a known PRISM interface AFTER finding out the no-spy agreement was bogus!

    So can we export GCHQ instead? They don't work for us anyway.

    1. Nick Kew

      Re: Can we export GCHQ instead?

      That's a separate issue. This particular story is about exports. Any comment they had made about GCHQ in this context would've had no more effect than Reg commentards.

      The EU do also have things to say about domestic surveillence. Many of them do in fact try to clamp down on it, but it's one of those matters where our own political masters (whether Mrs May or, perhaps more to the point, her Sir Humphrey) won't let them stand in the way of anything they really want. But that's a whole nother argument.

      1. Doctor Syntax Silver badge

        Re: Can we export GCHQ instead?

        "it's one of those matters where our own political masters (whether Mrs May or, perhaps more to the point, her Sir Humphrey) won't let them stand in the way of anything they really want."

        This could get interesting. It could be a factor in Cameron's renegotiation prior to his referendum. If the EU chose to make an issue of it Cameron might have to swallow it. Maybe it's time to start writing to our MPs to emphasise that this is something we'll have in mind when the referendum rolls along. Couple that with pointing out that the bad guys will ignore any bans on non-backdoored encryption whilst businesses which value security will not be happy (think HSBC which has been making noises about relocating).

        1. Nick Kew

          @DrSyntax Re: Can we export GCHQ instead?

          I don't see it featuring in the EU debate. It's one of those issues where the EU is pretty consistently more aligned with the people than the UK government. Can't see any of them wanting to talk about it. Probably not even Corbyn, let alone anyone with the ear of the meeja like Cameron or Farage.

      2. Anonymous Coward
        Anonymous Coward

        Re: Can we export GCHQ instead?

        Except that if we HAD proper end to end encryption, we wouldn't care about foreign countries spying on our *SECURE* comms because it would be encrypted.

        So the export limit would/should be pointless.

        And we'd be protected even from the traitors in our midst as a side effect.

        If GCHQ's job isn't to protect it's Parliaments emails from KNOWN spys then slap an export shipping label on them and NSA can have a GCHQ poodle for Christmas.

    2. Danny 2

      Re: Can we export GCHQ instead?

      "You know/knew there's no magic wall around Ireland."

      Parochial and missing the fact Ireland always has been under more surveillance by British security services than even the UK. Equally stupid and parochial, the top story on BBC News Scotland just now is headlined "Crime gangs using apps to evade police", although the actual headline is slightly less inaccurate, "Organised gangs using technology to evade police".

      It's PR FUD fluff after numerous headlines here highlighting the fact PoliceScotland IT is abysmal, [Police recording incidents on paper after IT glitch, Police to be retrained in data protection as concerns mount over 'snooping' investigations, IT mismatch hampers single police force with eight computer systems] the real headline here should be 'Scottish cops are too daft to understand the everyday technology ordinary Scots use'.

      The fact is when Scottish cops are given access to any technology they misuse it illegally to abuse innocent civilians. I once got to question a top cop here and he wasn't one bit ashamed about police over-reach, he said, "If we can do it, we do do it". And because we have a McMickey Mouse legal system and a Fisher-Price parliament here they get away with it.

      I'll soon be giving criminals free lessons on proper IT security and encryption, simply because they are the less criminal and more moral than the uniformed gangs we employ.

  3. Graham Marsden
    Big Brother

    Dual use? ITYM Dual Standards...

    ... In other words, it's ok when *we* do it...

  4. Teiwaz

    Cameron may just want the right to 'opt-out' of any EU regulation/Law*. He can take that to the morons worried about the consistency of their sausage or the size of their 'pint' and claim a win. That this will also allow the UK to opt-out of Human Rights and other legislation beneficial to the people in favour of some loop-hole ridden charter will be lost on them as it 'couldn't possibly happen here'.

    If no opt-out can be negotiated, he could decide to support out, in which case he gets opt-out anyway.

  5. Old Handle

    Since I don't expect this to do much good, my main concern would be whether it will do harm. For instance could these regulations prohibit a European from publishing, or contributing to an open source pen testing tool?

    1. Anonymous Coward
      Anonymous Coward

      A Christmas message for our fearless leaders.

      Well, it may not prohibit but it will surely hinder. Like many of the laws passed on technology use today (and for access to our personal data, amongst other things) it is generally counter-productive. Unfortunately, all these efforts are based on a false premise.

      That premise is that "illegal" knowledge and software can be easily detected and intercepted at borders, ports, etc. before it is shipped elsewhere, just like canisters of VX chemicals or other nasties for which dual use legislation was originally designed.

      As anyone who has ever used torrenting, VPNS, anonymous proxies, TOR, TAILS, and strong encryption can tell you, these days, it is very difficult to restrict knowledge from people who want it. The blowback from the poitical antics that attempt to do so is nothing short of frightening or (take your pick) comical.

      Ham-handed policies continue to curtail technological progress, innovation, personal freedom, privacy and economic development while casting a global pall of uncertainty, apathy and an increasingly generalised fear and loathing of our leaders, who seem to have forgotten how to lead.

      This negativity is then deployed by feckless politicians as a tool for further control and power enhancement. This feedback loop produces more bad politicians, more fear and more misguided attempts to control the populace.

      And so it is, politicians and lawmakers continue to pirouette endlessly on the heads of pins, desperately seeking solutions for technological issues that cannot be solved by legislation, since the legislation can be so easily evaded with technology. Few bad guys stopped, lots of good people hamstrung, and enormous sums of money spaffed on an ever enlarging circus of security theatre and unwieldy surveillance mechanisms.

      At some point, we will have to just start trusting in humanity and start trusting ourselves to do the right thing. So far, I see scant evidence of that in governing polities.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like