Report undermines RIP

If you think the idea of the government monitoring your Internet use is a little intrusive, do not fear: A new report tells you how to avoid Big Brother...
Written by Will Knight, Contributor

British computer experts will outline ways for UK citizens to sidestep proposed government eavesdropping capabilities in a report to be released Thursday.

The report will explain how ordinary Internet users can circumvent government monitoring efforts proposed in the new Regulation of Investigatory Powers (RIP) Bill.

The report is called The Regulation of Investigatory Powers (RIP) Bill -- Technically inept: ineffective against criminals while undermining the privacy, safety and security of honest citizens and businesses.

The Bill, which passed through the Lords last week, will give law enforcement officers the power to monitor Internet traffic using "black boxes" housed at ISPs. It will also give police the power to seize the keys to encrypted data or demand decrypted information.

Thursday's report will show how ordinary Internet users can dodge these new powers with a combination of encryption, secure Internet protocols, anonymous and offshore services and information hiding techniques such as steganography.

It was produced by computer security experts Brian Gladman and Ian Brown in order to highlight the weaknesses in the Bill which has been fiercely criticised since inception.

Gladman and Brown say their report illustrates how easy it will be for professional criminals to evade government snooping as outlined in RIP.

Neil Barrett, a computer forensics specialist with UK company Information Risk Management and a regular expert police witness on cybercrime argues that the police will still be able to imprison individuals who do not comply with the Bill. He believes that this is a vital aspect of the legislation.

"The main idea behind RIP is good," he says. "To give the police the power to demand the decrypted version of an encrypted message." Barrett reckons the vast majority of criminals will resort to nothing stronger than basic cryptography software.

"They will use what is there. Things like PGP," he says.

But those opposed to RIP still argue that criminals will be able to scupper simple surveillance efforts. Caspar Bowden, of Internet policy think-tank Foundation for Information Policy Research (FIPR) says Thursday's report will expose inadequacies in the legislation.

"It [the report] will show how RIP will destabilise policy by creating a legitimate demand and market for privacy tools, which both the law-abiding and criminals can use to circumvent the legislation," he says. "The government has proved stolidly incapable of anticipating trivial counter-measures."

Other experts say that Internet surveillance systems such as that under RIP, or the Carnivore system in the States, threaten civil liberty and are open to abuse. They suggest that all Internet users consider the using technology such as encryption as a matter of course.

Founder of US security company Counterpane and author of Applied Cryptography Bruce Schneier, for example, says that cryptography is vital to safeguarding liberty and should not be overlooked by ordinary Internet users.

"Yes, as a general rule, just as people use envelopes, they should use encryption," says Schneier. "It's good common sense. It is very worrisome that many governments are implementing this [surveillance on ISPs]."

Find out who's spying on you and how they're doing it in our exclusive Echelon News Special.

Rupert Goodwins reckons we've allowed a state surveillance system to be built that would be the envy of any dictator, and we've allowed it to flourish unseen and uncontrolled. What we must do now is to start building pressure for a wholesale reform of Echelon: not to shut it down and render ourselves deaf to real threats but to improve its efficiency and make it ours again, not the plaything of nameless people. Go to AnchorDesk UK for the news comment.

What do you think? Tell the Mailroom. And read what others have said.

Editorial standards