back to article Surveillance forestalls more 'draconian' police powers – William Hague

Lord Hague has predicted that Western societies will enact laws and regulations against unbreakable encryption – while conceding that the technology has always existed. The former UK foreign secretary, who is also a historian and author of a biography of Prime Minister William Pitt the Younger, told delegates at the Infosec …

  1. m0rt

    There is not going to be a change. No magic bullet that solves this 'conundrum'. It will only drag on until it is accepted that encryption in online environments is like air in the real world. We all get to breath it, regardless of who we are.

    Any you restrict from that right...

    1. This post has been deleted by its author

  2. Warm Braw

    "Lord" Hague

    The title alone demonstrates that "public opinion" and "parliament" means "them" and "us".

    1. g e

      Re: "Lord" Hague

      Instead of 'Privacy and Security' I wish they'd just call a spade a spade and say 'Privacy and Knowing everything about you whenever they want'

      Security isn't about being able to read people's data, ironically in a digital context it's actually about preventing people reading your data and getting access to your stuff.

  3. NoneSuch Silver badge
    Big Brother

    Surrender your right to privacy voluntarily, or if you don't like that we'll do it anyway.

    1. Primus Secundus Tertius

      ...or anarchy

      @NoneSuch

      The alternative is anarchy.

      At the end of WW1 and of WW2, Eastern Europe was in sheer chaos. Twice in a lifetime for many people. Even communism might seem less worse.

      So Government, like so much else, is compromise. We argue where the compromise should be, but there will have to be some rules.

      1. imanidiot Silver badge

        Re: ...or anarchy

        No its not. The result is that there will have to be a better way found to deal with the issue. The problem is that the average terrorist nowadays has already learned not to communicate using the standard (broken) channels. The attackers in Brussels for instance had been pretty much silent on social media and communication accounts. Which means all this talk on breaking or banning crypto achieves is reduce privacy for the average citizen!

        1. Anonymous Coward
          Anonymous Coward

          Re: ...or anarchy

          Which means all this talk on breaking or banning crypto achieves is reduce privacy for the average citizen!

          Which is what the rules are actually intended for. Illberal toerag he may be, but Hague isn't completely stupid. And GCHQ may be incompetent, but they employ enough bright people. Theresa May may have been better off working for the state in the GDR, but again not wholly stupid. So on the basis that most of them are not total and utter idiots, the people awarding themselves these powers know that they will be of no help in tracking down terrorists. Given they know that, the only logical conclusion is that this is intentionally part of a strategy to spy on the population and control them.

          Curiously enough, I think there is one member of the government who is sufficiently clueless and intellectually lightweight that he CAN claim that he believes this is about stopping paedodrugterrorists. You know the one, he can (in theory only) be contacted at number 10, Downing Street.

          1. streaky

            Re: ...or anarchy

            Given they know that, the only logical conclusion is that this is intentionally part of a strategy to spy on the population and control them.

            I don't disagree, what I don't know is if the footsoldiers at GCHQ/NSA et al are actually telling their bosses they need huge mountains of data to do their jobs. Can't imagine why they would given it would seem to impede them in doing so.

            I'm all for intrusive surveillance but it actually has to be targeted at individuals. All we're trying to do now is carpet bomb dresden rather than hit bin laden with a drone strike like we should be doing. Yes you have to find targets in the first place but very few people mouthing off on facebook are going to be actual threats, the way you'd tell is with actual old fashioned intelligence work and maybe less with the allowing people to piss off to Syria whenever they feel like and we might start making some headway.

    2. Dan 55 Silver badge

      Western nations don't want to outlaw end-to-end encryption/PFS without logging the key explicitly, it's somewhat... uncouth. But I expect they'll get round to it eventually.

    3. streaky

      They can try - they'll end the economic system they're supposed to protect if they do. Plus pitchforks are an option.

      "Necessity was the plea for every infringement of human freedom. It was the argument of tyrants; it was the creed of slaves" -- Pitt the Younger.

      Seemed relevant seeing as Hague brought him up.

  4. Voland's right hand Silver badge

    News at 10

    CodeBook based ciphers and their analogues are unbreakable to this day. Nothing new there.

    They, however, are feasible only for a prearranged communication, not for on-off messaging. There is no session secrecy. You break it once, it is broken forever and you read all past and future messages.

    It also requires zero technology so it cannot be defeated technologically.

    1. Yet Another Anonymous coward Silver badge

      Re: News at 10

      Obviously we need to ban books

      1. Voland's right hand Silver badge

        Re: News at 10

        Farenheit... 451...

    2. imanidiot Silver badge

      Re: News at 10

      For incidental messaging the one time pad is unbeatable.

  5. JimmyPage Silver badge
    Meh

    Don't agree ...

    but it's nice to have a less hysterical voice in the debate

  6. M7S

    Missing the point

    "concerns that if law enforcement could break into communications for one reason they’d be able to break it for another "

    I don't think it is so much that concern that worries most informed users, although some law enforcement agencies have somewhat tarnished the collective reputations of their counterparts in this regard, but the fact that if they can break in, then ultimately so can someone else, perhaps with less benign intent.

    Given that he then goes on about companies "leaving the doors unlocked" he clearly isn't aware, or has chosen to ignore, that he's just told them they can only secure it with a cable-tie rather than a decent padlock

    1. Tom 35

      Re: Missing the point

      If the US/UK get a master key, how long before India, China, Saudi Arabia... all want a key too.

      1. Paul Crawford Silver badge

        Re: Missing the point

        Then how long until said key is passed to well-funded criminal gangs from at least one country?

        1. Anonymous Coward
          Anonymous Coward

          Re: Missing the point

          Maybe the whole point of this is for organised crime to get the master keys first. When states get them, use them, etc. wouldn't matter to them. So pay the lobbyists and get the leaders justifying your agenda- it all could just pay off eventually. Global domination through realtime access to all data... Bwahahahahaaaa!

          1. Mike 16

            Spoiler Alert!

            -- Maybe the whole point of this is for organised crime to get the master keys first. --

            So, You saw "Spectre" then?

    2. Rob Crawford

      Re: Missing the point

      While attempting to ban decent padlocks

  7. Anonymous Coward
    Anonymous Coward

    Book ciphers/one off messages

    You *can* use book ciphers for one off messages with a bit of planning.

    Get a message out of the blue ? Get the 56th bestselling book of that month (from the Times Literary supplement) - and hey presto (as long as "56th bestselling boon on this months list" was prearranged).

    Could be used anytime after the initial planning. And (as VRH pointed out) is immune to whatever technology you care to throw at it.

    1. veti Silver badge

      Re: Book ciphers/one off messages

      Yes, of course you can do that sort of thing.

      But no-one does. Well, I tell a lie. There's a very good chance that people like terrorists, who actually care about secrecy, do something like that. But they're not a significant voting bloc, so who cares about them? No-one who matters, does that.

      Because encoding a message like that is a lot of work. For anything much more involved than "Hello, world!", it takes hours of tedious labour. Ain't no-one got time for that nowadays, they want a computer to do it for them.

      And if a computer can encode it, another computer can break it.

      1. DropBear

        Re: Book ciphers/one off messages

        "And if a computer can encode it, another computer can break it."

        It does not follow at all. If you point your computer at some sort of electronic equivalent of the book cipher, it's still unbreakable unless Eve figures out what the "book" is...

      2. Tom 7

        Re: Book ciphers/one off messages

        Another computer can break it. Perhaps - but like quantum decryption how do you know you've decrypted it? For any random message you can apply a 'decryption' key that will product the message 'Bomb the capitalist pigs now!" but you dont know that is correct.

        1. Chris G

          Re: Book ciphers/one off messages

          For anyone considering book cyphers, this is interesting; http://www.drdobbs.com/security/the-book-cipher-algorithm/210603676?pgno=1

          The important thing though is not to leave what you have encrypted on the computer you have used to encrypt the message, or indeed any reference to the book and the start position or the recipient/s.

          Some things are best kept in your head, if it comes down to being waterboarded then itis probably too late to get away with anything, even if it was only to say Happy Birthday to someone.

  8. Anonymous Coward
    Anonymous Coward

    F*CK technology firms

    Two people communicating with opensource encryption software, there is no "technology firm" to go crying to.

    1. tirk
      Unhappy

      Re: F*CK technology firms

      ...until they make possession of opensource encryption software a crime.

  9. Anonymous Coward
    Anonymous Coward

    Fuck you Hague. If I encrypt something, that means that *I* decide who gets to see it. Not 'me and a self-invited list of law-enforcement and whoever else has bought their way into the club'. Me. Only. If asked to, I may or may not decrypt it, depending upon circumstances; but having a member of the hoi-polloi having some control over their own destiny really sticks in the craw of these power-crazed fuckers. The technology is already out there; and maths says you can't have an invite and still have security yourself. So fucking deal with it and stop whining for fucks sake.

    "While there should be constraints to intrusion, there’s no absolute right to privacy either, he said."

    Yes there is. There isn't a right however, for corrupt bastards to legislate themselves the right to read over your shoulder to make their jobs easier. More to the point, online tech companies are encrypting things AS A DIRECT RESULT of security services and law enforcement getting caught with their hands in the cookie jar breaking far more laws than I could ever aspire to.

    1. Anonymous Coward
      Anonymous Coward

      What is a "right to privacy"?

      What is an "absolute right to privacy"?

      How do you know if your right has been breached? Who do you complain to when it happens? What do you expect to be done about it?

      If you can't answer those questions, you haven't thought through what you're saying.

      1. wolfetone Silver badge

        What is a "right to privacy"?

        The expectation to be able to fornicate with a woman and no one see it.

        What is an "absolute right to privacy"?

        The expectation to be able to fornicate with your husband/wife* and for you not to see it.

        *as in your husband or wife, not my own.

        1. Anonymous Coward
          Anonymous Coward

          What could go wrong?

          Not quite the same subject matter but it seems round where I live the plod has been taking liberties doing just that-

          http://www.bbc.co.uk/news/uk-england-south-yorkshire-36469945

          I wondered what the police helicopter was doing hovering our house all that time the other night.

          When they get more powers to slurp our communications data I wonder what other juicy stuff they'll dig up!

      2. Bernard M. Orwell

        "What is an "absolute right to privacy"?"

        Here you go, the laws that enshrine our legal right to privacy in the UK. Note how it specifically extends to our communications and further makes certain comments about the controls and limits of state surveillance.

        https://www.liberty-human-rights.org.uk/human-rights/privacy

        Also note that it is part of the Human Rights Act and is enforceable by the ECHR. You know, the EU. And the HRA, things that no one has recently been saying we should leave and be "self determined" about....

        ....oh...wait...

        1. Tim Warren

          Uk Still bound by ECHR if outside EU

          @ Bernard M. Orwell

          The ECHR is part of the Council of Europe which is separate from, and distinct from the EU. The UK will remain a member of the Council of Europe should be leave the EU, and thus will be bound by ECHR terms.

        2. Roj Blake Silver badge

          lso note that it is part of the Human Rights Act and is enforceable by the ECHR. You know, the EU. And the HRA, things that no one has recently been saying we should leave and be "self determined" about....

          The ECHR is not an EU thing.

          1. Bernard M. Orwell

            "The ECHR is not an EU thing"

            All very true, but you can't deny that the PtB have been espousing a UK abandonment of the UDHR and the ECHR over the last few years alongside the idea of leaving the EU. They may not be linked legally, or in our estimations, but I believe our lords and masters see all of these issues as part of a grand plan to remove the UK from international oversight in a more general framework.

  10. captain_solo

    The amount of yelling the parents are doing about this leads me to believe that they have figured out that ubiquitous end to end encryption with PFS is inevitable and the world where they just had to stay ahead of the Moore's Law curve in order to have almost complete access to network traffic will soon indeed go dark.

    If they are lucky the only thing that happens will be these huge multi-nationals will dump some tea in the harbor and tell them to piss off. Alternatively, the guillotine staffed by a mob.

    The difference in what the oppressors use to subjugate their people is less significant than the act of subjugation and its end results are in a society that believes itself to be free.

    1. nkuk

      That is true that the network traffic will soon indeed go dark. There was a very interesting keynote speech from the CISO of KPN Telecom a short while after Lord Hagues speech, and fortunately she had the polar opposite viewpoint that communications must be safe, secure and reliable. They are testing and rolling out quantum communications channels, and China already have large networks, where because they are quantum based any monitoring of the signal will inherently modify the content so the recipient will know the communication has been intercepted or monitored.

      Trying to defeat private communication is an arms race that will never be won.

  11. seanj

    "We will defend your freedom at any cost..."

    "... even if that cost is your freedom!"

    1. Anonymous Coward
      Anonymous Coward

      Re: "We will defend your freedom at any cost..."

      You win the internet today.

  12. John Smith 19 Gold badge
    Gimp

    " it ought to be decided through public opinion and a debate in Parliament"

    Instead of by what iactually has happened, basically a faceless, uneleceted group of data fetishists.

    This is not the "voice of reason."

    It's a (slightly) less hysterical version of the "We must hand over our right to privacy (enshrined in the ECHR) to protect our way of life" BS.

    Is Mr Hague a leaver, or a starer in the EU referendum do you think?

  13. djack

    Hollywood scenarios

    I was recently watching a series of '24' (other similar shows are available) that featured a device that bypassed pretty much any firewall and network security. My mind rebelled against the proposition (though I persisted as otherwise the storyline and action was good) as the idea of such a device is ridiculous.

    The whole 'breakable encryption' brigade is trying to lead us into a world where such a thing is not only feasible but likely inevitable.

    1. Sir Runcible Spoon
      Big Brother

      Re: Hollywood scenarios

      Whilst an absolute bitch to configure, the Gauntlet firewalls back in the day were about as secure a firewall as you could ever hope for. The management let it down when compared to Cisco PIX's and the newcomer to the game with it's fancy GUI - Checkpoint - which was probably what led to its' demise.

      However, what I noticed was that there were no *new* proxy-type firewalls coming along - all of the current crop of firewalls for Enterprise are pass-through type.

      After going on a few courses with aforementioned vendors and meeting people who made me feel like a 3 year old chimp with brain damage in comparison, I discovered that there are ways to bypass pass-through type firewalls. Apart from the obvious back-doors that have been floating around recently I never did find out what that mechanism was, and it was proved to me on one occasion where I was asked to secure a laptop behind a firewall in a lab, and this chap (using another laptop outside the firewall) simply logged in to my laptop, using RDP (which was disabled) and used my webcam (which was disabled in the device manager) and took a photo of my astonished face as I watched my cursor wizz around my screen.

      Now I think I know why there are no proxy-type firewalls left in the market :(

      For those too young to have played with Gauntlet, it basically had a little bit of proxy code for each application you wanted to allow connectivity to. So there were FTP proxies, HTTP proxies etc. etc. The main point being was that if the incoming data stream didn't conform to the parameters of the proxy, it was filtered - so no buffer overruns - no SQL injections - it was pure whitelisted traffic and nothing else. This would probably be harder to do today since some of the protocols have developed and become a lot more complex, but it *could* be done - so why hasn't it?

      1. djack

        Re: Hollywood scenarios

        I fear you may be unaware of modern firewall design.

        Many modern firewalls implement integrated application layer proxies with policy based filtering alongside a stateful packet filter and have done for many years. I know that Checkpoint had limited support (covering http and ftp) at least since version four (released around the millennium), Microsoft's firewall also does it and with Palo-Alto it is very well integrated into the rules-base. I am sure that there are many other examples.

        You talk of Checkpoint as being a brand new firewall at the time. If you are going that far back in the day, the other firewalls you were probably dealing with would have been little more than stateless filters, which were leaky as sieves as you had to open huge holes to allow 'return' traffic back from a server (packets travelling to a 'high' numbered TCP port). Checkpoint's big contribution to firewalls is not the friendly GUI but they claim to have invented the concept of a stateful firewall. Unlike the older filters, a stateful firewall monitors the state of connections thus eliminating the need for rules opening up huge holes. The stateful design is used by pretty much all firewalls now.

  14. Anonymous Coward
    Anonymous Coward

    No more William Pitt wannabees please ...

    ... the original one was bad enough.

  15. Pen-y-gors

    What is it about this people?

    Are they genuinely stupid? or genuinely evil? or a bit of both? What is it about 'privacy' that they don't understand? The role of the citizen is not to make life easy for the government, whatever their reasons. Yes, technology can be used by criminals as well as the good people. That is no reason to ban the technology and stop good people from gaining the benefits. Dick Turpin used a horse to assist in his highway robberies. Did any MP in 1739 suggest banning horses?

    Criminals will communicate. That's a fact of life, get over it. They will always be one step ahead of the goodies. If they need to make their plans and have a whispered conversation in a rowing boat 12 miles offshore, how will MI5 intercept that? Should we all be required to wear a continuous recorder, just on the off-chance that we might want to fiddle with a kiddie or BLOW UP a photograph? After all, it may help to prevent a serious crime, and please think of the children. Personally, I don't think it's a good idea, and I suspect a lot of other people might not think it a good idea, but it's no different in principle to government demands to provide encryption backdoors to russian mafia bosses.

    1. Anonymous Coward
      Anonymous Coward

      Re: What is it about this people?

      There is another option. They are afraid, and while not stupid, lack the ability to correctly assess risk. All the spooks (or anyone else with an agenda) have to do is bombard them with scenarios that are highly unlikely until the point they believe they are going to happen, at which point the fear kicks in and overrides common sense. Make people afraid and they will do what you want when you offer a solution to their fear.

    2. DropBear
      Joke

      Re: What is it about this people?

      "If they need to make their plans and have a whispered conversation in a rowing boat 12 miles offshore, how will MI5 intercept that?"

      Well, times being what they are it's reasonable to presume the "rowing boat" would actually have an engine and some sort of cabin. With glass windows. And once you have glass windows - look, man, what did you think all those sharks with lasers were for?!?

  16. Pen-y-gors

    There is another option. They are afraid

    Good point. Inability to assess evidence and risk seems to be a prerequisite for being a career politician. Have a +1

  17. Will Godfrey Silver badge
    Unhappy

    Fear indeed

    But it's the corrupt politicians and law enforcement agencies that are afraid.

    There has always been corruption, and doubtless always will be, but up to now it has been relatively easy to hide it, and if anyone did find out they were quickly disposed of - and that fact itself could be easily covered up.

    Now however, not only do ordinary people have extensive means of immediate communication, but it is easy to hide what information is being shared and where it came from.

    That's what scares them. Us lot can find out what them lot are up to and are starting to shove big fat spokes in their wheels.

    1. veti Silver badge

      Re: Fear indeed

      Oh please. It's easier to hide information today than it's ever been before.

      Previously, if you wanted to cover up your corruption, you had to pay off a bunch of people, pay a bunch of thugs to visit others, and hope like heck that it didn't leak out through some channel you overlooked.

      Now, you don't have to bother with any of that. You just call Kanye West (other celebrities available) and ask him to say something stupid, and nobody - for statistical values of 'nobody', at least - will ever notice what you did that day. Problem solved, and it doesn't matter how many people are in on your little 'secret'.

  18. Anonymous Coward
    Anonymous Coward

    It's way bigger than encryption - it's about total control

    and the elimination of democracy as we have always known it.

    This explains what's really going on. Right under our noses.

    1. Yet Another Anonymous coward Silver badge

      Re: It's way bigger than encryption - it's about total control

      democracy - a system where the 5% of the population living in marginal constituencies get to decide which privately educated Oxford graduate gets a free house in London to promote exactly the same policies as the previous lot.

      You can keep it

      1. Wolfclaw

        Re: It's way bigger than encryption - it's about total control

        So true, UK Democracy needs a reboot, banning all the current losers from holding power ever again !

    2. Anonymous Coward
      Anonymous Coward

      Re: It's way bigger than encryption - it's about total control

      THIS.THIS.THIS. and thank you for the link ...

      here it is again ....

      http://www.salon.com/2016/06/06/this_is_our_neoliberal_nightmare_hillary_clinton_donald_trump_and_why_the_market_and_the_wealthy_win_every_time/

  19. Anonymous Coward
    Anonymous Coward

    Indeed

    As long as people speak up and speak out, there is a chance that truth can be heard. But if people are muzzled by fear of what their all-powerful listeners might do, they will cease to speak and the resentment will boil. Perhaps our fearless leaders should keep this in mind. Nothing to hide, nothing to fear, right?

  20. (AMPC) Anonymous and mostly paranoid coward

    Indeed

    As long as people speak up and speak out, there is a chance that truth can be heard. But if people are muzzled by fear of what their all-powerful listeners might do, they will cease to speak and the resentment will boil. Perhaps our fearless leaders should keep this in mind. Nothing to hide, nothing to fear, right?

  21. Anonymous Coward
    Anonymous Coward

    What did they do before electronic communications?

    I'm not buying this encryption debate where unless we bork it the terrorists will win. The argument fails spectacularly when you consider that by removing encryption the terrorists will just stop using it to communicate and that is if they were using it in the first place and even if they were using it nobody acts on the information anyway (see recent terrorist activities by people known to the security services)

    My tin foil hat says there is something else to all this.

  22. John H Woods Silver badge

    "Theresa ...

    ... there's a new technology that can actually see what people are thinking. But, that would be too far, wouldn't it?"

    "Hell no! Some criminals might get away if we couldn't bulk read everybody's mind"

    1. DropBear
      Devil

      Re: "Theresa ...

      "Hell no! Some criminals might get away if we couldn't bulk read everybody's mind" "What do you mean, read? Why can't it control their minds yet?!?"

  23. Anonymous Coward
    Anonymous Coward

    Mr. Hague - this is why we need a constitution

    Dear Mr. Hague

    You just don't get it... what you want is the "absolute right to surveil - absolutely"... and woe-betide anyone that gets in your way...

    The problem here is that the government wants to take away our right to privacy and we want to claim it back - the two are, of course, diametrically opposed.

    Before computers and the internet, surveillance was tapping phone lines and steaming open letters - both of which required a warrant from the Home Secretary.

    Now we have computers and the Internet it appears that because it exists it is - somehow - we have automatically become "fair game"... and the politicians, people that work at GCHQ and contractors like Detica use the political dogma that "if you've got nothing to hide you have nothing to worry about" - thanks at lot - that means I can sleep at night... not!

    The fact is that many of us do have something to hide... illicit affair, caught the clap, had an abortion, shagged the boss, smoked a joint, nicked your mate's car ... it doesn't really matter but probably more than half the population has something to hide. I can hear it now "think of the children" - the paedophiles, the terrorists, etc. etc.

    Hoovering up vast quantities of the internet on the chance of finding something is akin to searching for "hay in a haystack" ... ultimately this will become self-defeating and pointless because either (a) the bandwidth of the internet will grow to the point where its arriving faster that you can store it and analyse it, or (b) the encryption tipping-point will be reached where too much is encrypted and you haven't got enough silicon atoms in the universe to build enough CPUs to break it all... either way - you loose.

    Certain contractors to GCHQ already measure storage by the metric tonne. What happens when the Concrete Doughnut has filled up with hard disks? What next? Concrete Doughnut #2? Concrete Doughnut #3?

    What happened to "going after the bad guys"? You know, that thing called "intelligence lead policing" and "profiling" along with lots of "shoe leather"... rather than attempt to tap the whole of the internet - or have we reached a point where we have to tap the whole of the internet out of political correctness for fear of offending some race/religion/political group.

    The problem here is that the government wants to take away something precious to us - our privacy - in the name of the common good. Moreover it wants to do it "at any cost" and without proper justification.

    This is perverse and fundamentally wrong, moreover it's "not British" - why? Because the argument put forward to justify this is that the ends justify the means - they do not. Furthermore and just as it has always been - those that really seek security in their communications (COMSEC) will always remain one step ahead of those in signals intelligence (SIGINT).

    Perversely, one of the most secure forms of communications these days is a typewriter, paper, an envelope and a first class stamp.

    Fundamentally, we must reach a point where "Blackstone's formulation" applies to this too - at some point (I'm not sure exactly where, yet) it must some to pass that it is better to let one terrorist [bank robber; paedophile; tax evader; drugs dealer; "substitute your baddie here"] go through lack of surveillance than attempt to capture an infinite amount of information about all of us?

    Mr. Hague - we need protection FROM the government and NOT more surveillance BY the government - this is why we need a constitution.

    G.

    PS. I'm off to print out some very large one-time-pads from www.random.org and post them (via Royal Mail) to my friends along with a five line BASIC program that employs an XOR function so I can communicate with them securely over the interweb ;-)

    1. veti Silver badge

      Re: Mr. Hague - this is why we need a constitution

      No, before the internet surveillance included "going through your neighbour's rubbish to check they hadn't been wasting food".

      This whole "privacy" thing is basically a myth, it's something that didn't really exist at all until the mid-19th century. Before that, you probably shared your home with two or three other families, or - if you were rich - with servants; either way, there was no notion of "privacy" beyond "closing the door (if your home was one of the minority that actually had internal doors, of course)".

      We seem to think of "privacy" as some ancient right, like "freedom of speech". It isn't and never has been.

      1. Sir Runcible Spoon

        Re: Mr. Hague - this is why we need a constitution

        @veti : I'm not entirely sure you grasp what 'rights' actually are.

        'Rights' are something people fought for, usually against powerful opposition and the only reason the powerful caved in and enshrined those rights was the implicit threat that something bad would happen if they didn't - i.e. through the use of force.

        Now we are having our rights revoked - by force - and the majority don't seem to care enough about those rights to fight for them.

        So yes, we are losing those rights (including the right to privacy) because the powerful care enough to fight to take them away from us, but the general population don't care enough to fight back - so we will eventually lose them.

        That's how it works - it's all about checks and balances. The powerful have infrastructure, technology and money on their side. The general population have numbers and technology. They don't want us to have technology as it improves their chances of winning. It's that simple.

      2. strum

        Re: Mr. Hague - this is why we need a constitution

        >We seem to think of "privacy" as some ancient right, like "freedom of speech". It isn't and never has been.

        An unpopular view, it seems - even if it is historically correct. 'Rights' are merely privileges we've become accustomed to.

        But the fact remains, we now have an expectation of privacy, and have enshrined this expectation in treaties and laws which call them 'rights'. We are entitled to expect to be able to defend these modern rights, just as if they were ancient.

      3. Anonymous Coward
        Anonymous Coward

        Re: Mr. Hague - this is why we need a constitution

        to veti

        In ye olden days, private communication was a simple as walking out of ear shot of anyone else .. out on the road by the corn field for example.

        In ye olden days, privacy from prying eyes was as simple as pulling over a blind.

        In ye olden days, change your costume and pull a muffler over your face, and your walk on Main St. might go unnoticed by the entire town.

        In ye olden days, hide away your private papers (should there be some reason to - not everyone could read), and no one would have a clue where to find them.

        Even so, the Yankees were concerned enough about privacy to write some privacy protection into their founding documents:

        "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated .."

        So in ye olden days privacy was quite real, almost taken for granted, but nevertheless they did think about it and protected it by law.

  24. swampdog
    FAIL

    book-based cypher written by an 18th century politician remains unbroken

    So, by his reckoning the problem has been around for at least some 300 years. Govt's have come & gone and very generally speaking life has improved since that time. As a historian he must know that life improved less well for those under a draconian thumb.

  25. Anonymous Coward
    Anonymous Coward

    Well one thing is clear

    William Hague's understanding of encryption is everything you'd expect from a biographer of Pitt the Younger.

  26. Anonymous Coward
    Big Brother

    This is very reminiscent of the old budget-cutting dodge.

    "You need us to cut the city budget? Sure!, we'll start with police, fire engines and schools. How do you like those cuts?"

    "You need us to allow private phone and email communication? Sure!, we'll require a stool sample, a camera in your bedroom so we can see you are not kiddy-raping and this will sting a bit, but we have to insert an RFID chip in your left buttcheek!"

  27. Tom 64
    Alert

    "Serious crimes such as tax evasion"

    I like the way he threw that one in there to appeal to the general population who hate rich tax evaders such as.. well himself.

    Wonder if he minds us plebs looking through his accounts then.

    1. Anonymous Coward
      Anonymous Coward

      Re: "Serious crimes such as tax evasion"

      Yes, the mega-corps don't pay tax, the rich don't pay tax so why the fuck should I pay tax?

  28. Henry Wertz 1 Gold badge

    What a numpty

    So, later on, Lord Hague says: “Organisations wouldn’t leave doors open all night at the company headquarters but they are doing that in cyberspace," just after talking about how these same companies (along with everyone else) should be unable to use encryption without flaws built into it. With no sense of irony. Oh yes, that faulty encryption sure locks those doors up tight.

    Keep in mind, ladies and gentlement, those who talk about "balancing" your privacy mean they don't want you to have any, and those who talk about "balancing" your rights just want to take those pesky rights away.

  29. Someone Else Silver badge
    Big Brother

    Unless government and their security agencies retain the ability to spot malicious activities through electronic intelligence, restrictions on civil liberties would have to be more “severe and draconian”, he argued.

    You know, if it weren't for the fact that this lummox is a furrin' National,, you'd have to think he was auditioning for Herr Drumpf's veep position.

  30. SundogUK Silver badge

    If you don't let us rape you, we will have to kill you.

    See title.

    1. Jimmy2Cows Silver badge
      Meh

      Re: If you don't let us rape you, we will have to kill you.

      And if you do let us rape you, our "careful selected partners" will too. Because you did but didn't / didn't but did (makes no damn difference either way) tick the box.

      And no, you may not choose "neither".

  31. BenR

    If that's what he says then that's fine...

    ... but i fully expect every single byte of data from his work and personal computer; images of every piece of physical correspondence he's ever sent; audio recordings of every conversation he's ever had, to be released onto the internet for us all to view.

    And yes - I mean both personal AND professional data. Fuck him. If you've got nothing to hide then you've got nothing to fear, isn't that right Will?

    Along with all 650 of his mates in the Commons, and all 700+ of his decrepit old muckers in the Lords too.

    Along with everyone who works there as a civil servant.

    And everyone else who has ever worked there, ever, since records began.

    Remember, there's no such thing as a right to privacy!

    What's that? There's an explicit provision in the Draft Bill to exclude parlimentarians? Will isn't *THAT* just wonderfully fucking convenient for you all then?

    1. spotburst

      Re: If that's what he says then that's fine...

      ooh, Please Mr Hague - may I have scans of your birth certificate, passport and bank account details?

      Oh and if you've got a password cache somewhere (unencrypted of course) then DO let me know.

      I've heard that this kind of data pays very well on the open market.

  32. Anonymous Coward
    Anonymous Coward

    If you criminalise encryption

    Only criminals will have encryption.

    1. muddysteve

      Re: If you criminalise encryption

      Then all you have to look out for is encrypted messages. That will make GCHQ's job a lot easier.

      1. Tom 7

        Re: If you criminalise encryption

        Can YOU spot the IDIOT encryption in this? I've highlighted it to make it obvious but normally it wouldnt be.

      2. Anonymous Coward
        Anonymous Coward

        Re: If you criminalise encryption

        Steganography - game over.

  33. tiggity Silver badge

    Unconvinced..

    "or else law enforcement will lose the ability to investigate serious crimes, including tax evasion, people trafficking and terrorism"

    Tax Evasion: UK seems quite happy about big companies & wealthy individuals making a mockery of the tax system without them encrypting anything.

    People Trafficking: Basic border security to catch people smuggled in might help, coupled with rigorous ID checks, questioning, & basic policing intelligence techniques.

    Terrorism: The must have bogey buzz word, even though minimal use of encryption in lots of widely reported terrorist plots & again basic policing intelligence techniques helpful.

    "Rather than the courts or technology firms deciding regulations for encryption, it ought to be decided through public opinion and a debate in Parliament"

    I translate that as, there's some of the judiciary that are still irritatingly independent & tech companies understand maths & that backdoors = no security for anyone, whereas enough of the public can be swayed by our scare stories & as for parliament, both "main" parties are too keen on spying on every aspect of all their own citizens so anything making spying easier gets passed.

  34. Anonymous Coward
    Anonymous Coward

    The Singer not the Song

    I can appreciate the need for increased surveillance in this modern world but my problem is the people who would have us monitored from dawn to dusk. These are the security services who while ridden with upper class soviet spies were happily using the security apparatus to oppose workers rights in the UK. These were the police who were lying and covering up their own actions at Hillsborough and Orgreave, and we still don't know the full story of what went on in Northern Ireland. As for MPs, I wouldn't trust them to fill in their expenses claims truthfully let alone act responsibly and with honour. The Chilcott report ought to be interesting reading.

    Increased surveillance may be necessary but I don't trust any of the Police, MI5, GCHQ, Army Intelligence etc to act in my interest.

    1. Jimmy2Cows Silver badge

      Maybe be a bit less appreciative...?

      I can appreciate the need for increased surveillance in this modern world

      Not me. What is needed is better targeted surveillance and actually bothering to do something about the people they already know about, instead of leaving them in the hope of catching an ever bigger fish.

      I don't see the world is really much more dangerous than it was 30 years ago. Atrocities then, atrocities now. Only difference is the whack-job group du jour perpetrating them. The odds of being involved in one are still statistically tiny.

      More likely to die falling down the stairs. So hey let's monitor everyone's stairs in case someone falls? Won't prevent the falls, but we can increase surveillance coverage in the name of saving lives plus it'll get some laughs on YouTube. And that's about how ridiculous this all is.

      Increased surveillance on an Orwellian scale serves no practical purpose, certainly does not make us more secure. Just an exponentially growing haystack obscuring the needles, and an ever-increasing huge scope for abuses of power over the most trivial of civil disobediences.

  35. Chris G

    When

    When Government and all of it's Offices, Departments and Representatives are TOTALLY open and transparent for the population, I will consider being totally open and transparent for them.

    As a means of providing support and infrastucture for the people for whom it acts and by whom it is elected and paid for, it should respect their privacy and rights totally except where it is demonstrable in a court of law that their actions should come under scrutiny.

    Goverment should be for OUR benefit not for ITS benefit.

  36. adam payne

    "Rather than the courts or technology firms deciding regulations for encryption, it ought to be decided through public opinion and a debate in Parliament or its equivalent in other Western countries, Lord Hague concluded."

    I think he may not have realised that public opinion my not be on his side on this one.

  37. tiggity Silver badge

    Less haystacks

    A bit more encryption might help the security services actually find something - e.g. 97% of collected data not inspected - see

    https://www.techdirt.com/articles/20160607/08541934648/snowden-docs-show-gchq-mi5-to-be-all-haystack-no-needle.shtml

  38. Wolfclaw

    Just typical speach from a Lord of the Nazis Party, sorry I mean Nasty Party, oh my spelling is getting bad, Cameron's EU Party. Doesn't know what he talking about, makes sound sbites that are good for the media !

  39. fnj

    Decode THIS!

    Les sanglots longs

    Des violons

    De l’automne

    Blessent mon cœur

    D’une langueur

    Monotone.

  40. armyknife

    It's The Natural Order of Things.

    Lord Hague says 'Shut up and do what you're told'

    It's what lords do, they lord over us.

  41. AnastasiaB

    Years ago VPNs were used inside companies that employees could connect and work from home. But furthermore, it was started to being used in a good way to secure user’s connection. It helps to hide user’s online identity, which has become more important these days since NSA and GCHQ snooping revelations due to Mass surveillance programs. It has revealed that security agencies of many developed countries are now trying to hack the data of every individual and company in order to have eyes on each and every suspicious activity.

  42. DagD

    there goes the easy button

    guess its back to hiding encrypted messages buried within readable, but nonsensical data with a system to not only automate the garble, but to extract the intended bit, rebuild the string, then apply the private key to release the message.

    More work, but a win / win for black hats. Government makes "no data" safe from backdoor hacks on legitimate users, and they still have their encrypted message flying passed the best IDS.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like