Aardvark DailyNew Zealand's longest-running online daily news and commentary publication, now in its 25th year. The opinion pieces presented here are not purported to be fact but reasonable effort is made to ensure accuracy.
Content copyright © 1995 - 2019 to Bruce Simpson (aka Aardvark), the logo was kindly created for Aardvark Daily by the folks at aardvark.co.uk
Please visit the sponsor!
If you value the security of your computer and the privacy of the data stored on it then you won't like what the government has planned in the form of its Search and Surveillance Bill 2009.
This rather intrusive and nasty piece of legislation could effectively open the doors to your (and everyone else's computers) to the prying eyes of the police, various branches of the Security Service and a host of other government agencies.
What's more, they'll be empowered to do this snooping and probing without your knowledge or approval.
But don't worry -- as always, only those with something to hide have anything to fear.
Cue Tui's ad.
Already, the Privacy Commissioner Ms Marie Shroff has sounded alarm bells and told government that it needs more safeguards against the abuse of such a bill should it be passed into legislation.
She has also voiced her concerns over the erosive effect such a law would have on the right to privacy.
Although this law isn't limited to authorised cyber-hacking on the part of "the powers that be", the computer-related aspect of it should be of grave concern to every man, woman and child who considers that they have a right to privacy when storing material on their computers.
According to the bill...
"Criminals have increasingly been able to use computers and other electronic devices to commit or facilitate illegal activity. The Bill provides for the appropriate legislative powers to enable law enforcement and regulatory agencies to extract electronic information and use surveillance devices in order to investigate and combat criminal activity.".
That covers a multitude of bases doesn't it?
If this bill were to be passed into law, I wonder how long before the recording and movie companies (with their obvious clout, lobbying experience, ability to offer well-paid post-employment positions to ex-MPs, and potential to donate huge sums to a party's election funds) would be able to convince the government of the day that copyright infringement was a crime worthy of such "surveillance" and remote examination of suspects' computers?
Don't believe me? Read what's happening in Canada where some copyright-holder groups are lobbying government to ensure they have a legal right to install spyware/trojans on customers' PCs without their knowledge.
Never underestimate the power of money in a political environment -- just look at what our own MPs have done recently in the name of feathering their own nests for proof of that -- and some industry groups whose livelihood relies on tired old business models supported only by strong copyright laws have plenty of money to spend on influencing politicians.
And let's not forget we still live in the era of "the war against terror" (WAT). A time when the last PM gave herself (and subsequently John Key) the right to declare anyone a terrorist and imprison them indefinitely without evidence, without trial and without appeal (just like the USA eh?).
Would simply having your IP number seen on a P2P network eventually be enough to place you on a list of folks against who "remote examination warrants" might be issued so that the contents of your PC may be scrutinised for infringing intellectual property -- or perhaps make you a terror-suspect?
Of course I'm drawing an incredibly long bow and perhaps this proposed bill is an essential legislative update to allow police to keep pace with the changes in technology now available to even the most petty criminal. After all, the proposed bill also acknowledges that "the law has also failed to keep pace with technology".
One *very* interesting aspect of this bill however, is clause 170, which:
"makes it an offence for a person to fail to carry out his or her obligations under clause 125 (which imposes a duty on certain persons to assist with computer searches)"
Without further clarification, this is a real rats-nest of possibility.
I imagine it would cover everything from refusing to disclose (or being unable to disclose) the password for an encrypted file in your possession to refusing to assist in a search/surveillance activity that might incriminate a friend or member of your family.
The most concerning aspect of this bill however, is that effectively allows law-enforcement agencies to go on "trawling expeditions" -- cruising people's computers and the wires on the lookout for potentially incriminating evidence. Does this differ from cruising the streets in a patrol-car?
Of course the tech-savvy amongst us will have nothing to fear from this proposed law even if we were involved in an illegal activity. The use of strong encryption, good firewalls and a robust, secure operating system combined with good vigilance would effectively preclude the remote installation of any covert monitoring or trojan software and make any files that might fall into the hands of authorities useless to them.
Of course, if you're using Windows -- all bets are off.
Although the original government backdoor rumour has largely been discredited, the chances are very, very high (given the level of government paranoia in the USA) that some mechanism exists for allowing suitably authorised parties to gain full access to your Windows computer. Hell, if they can ride rough-shod over the sacred US Constitution in the name of the WAT then they sure as hell can demand Microsoft provides such a "feature" under threat of massive penalties or .
Dumb crooks always get caught but I'm picking that there are an awful lot of smart crims that get away with their crimes for an entire lifetime without having their collar felt. If I remember correctly, one smarty-pants suspect even pulled the police's GPS tracking device off his car and tried to sell it on TradeMe some time ago.
What does worry me most is that we will no longer have the unequivocal right to store our personal, private and perhaps valuable data on our PCs without the intrusive eye of the state having the conflicting right to intrude and examine that data -- all they need is an excuse or suspicion (be it well-founded or otherwise).
If you regularly encrypt your email and data files that may in fact be all the excuse they need in order to search your machine and perform surveillance on your internet activities.
And, if they believe they have "probable cause" then they may demand that you hand over your encryption keys so as to see what's in those files.
Now we've already seen just how, within the ranks of our own law-enforcement, civil service and even parliament, corruption is something not unheard of. So, should we just accept that such powers will inevitably be abused and hope that the benefits outweigh the risks?
Or, instead of accepting that lame old sop that "only those with something to hide have anything to fear", should we say "you can have the keys to our computers only once you can prove that your safeguards are infallible and incorruptible".
Some cops get speeding tickets and drive drunk. Some MPs use their position to extort money and services from the vulnerable. Some IRD workers pilfer the state's records and sell them to debt collectors. The list of abuses is long and not particularly assuring reading.
Can politicians and authorities really be trusted not to abuse the power they're now seeking to give themselves?
Will it really make any difference to the very smart criminals who will be just as adept at evading cyber-police as they are in avoiding the real-world police?
If the Privacy Commissioner has concerns, ought we not to be equally worried?
Please visit the sponsor!
Oh, and don't forget today's sci/tech news headlines