By Tim Hardy
A number of people have asked me recently about how to keep their email and communications secure and my answer is simple: don’t bother.
Even though the recent behaviour of the police suggests that they have a grotesquely exaggerated sense of their rights to impede peaceful protest, within an imperfect but partially functioning democracy like that of the UK, a society in which the values of freedom are endorsed in the speech if not the acts of those in power, the need for security is less pressing than in an authoritarian regime.
Nonetheless, it is not enough to say, as many do, that if you are not doing anything illegal then you have nothing to hide.
Only a totalitarian would believe that the law was the sole expression of morality. Laws can and do change. Until 1991, it was legal for a husband to rape his wife in the UK.
The fact that we live in a society where powerful interests profit from unjust laws means that there will be times that an engaged citizen, following in the noble tradition of Gandhi and other peaceful activists, will be forced to take a stand and break the law.
My reason for saying don’t use crypto is more pragmatic than that.
Cryptography gives the illusion of privacy. Your emails may be secure, but how do you know that the people with whom you are communicating are who they say they are? Your password may be impossible to guess but how do you know that there is not a key logger attached to your computer, a physical device or a snippet of code hidden there to steal your keystrokes and play them back? How do you know that the messaging software itself isn’t designed to betray you? Your communications may be unbreakable but the fact that you are talking allows intelligence agents to perform a crude traffic analysis: the fact that you are using crypto draws attention, makes it look like you have something to hide; the fact that your communications start to increase in volume tells everyone that something is about to happen.
I would urge everyone to avoid the complacency that a strong password and the latest fashionable email address for activists might give you.
If someone really wants to find out what you are talking about it then they will find a way.
Indeed in the UK it is a criminal offence under the Regulation of Investigatory Powers Act 2000 (RIPA) not to surrender the password to an encrypted file if the police request it.
I believe in peaceful protest that operates as far as possible within the limits of the law and seeks to change unjust laws by bringing broader attention to injustice. I believe in the levelling power of transparency and see it as a necessary step in bringing about a more equal, honest society in which people may settle their differences through genuine engagement rather than by buying a bigger megaphone and shouting louder than everyone else.
The more steps we take down the path of digital privacy, the greater the risk of losing sight of those values.
I’d suggest we need enough security to prevent journalists hacking our voice mails and emails but I know enough about security to know I would be naive if I thought I could outwit the intelligence services.
If you want your plans to be a surprise, I’d suggest organising face to face, not online. But whatever you choose, always be honest.
Speak every word as if you would be happy for everyone to hear it. Honesty at all times is the only security we need. If you are willing to take a stand with your actions, then be willing to own them in public.