Business Technology

Saturday 24 March 2018

After Nice, security will fight privacy again

Emergency vehicles near the scene of the attack in Nice. Photo: AP
Emergency vehicles near the scene of the attack in Nice. Photo: AP
Adrian Weckler

Adrian Weckler

Once again, a stark balancing act faces us. Which is more important - our security or our privacy?

How much of one are we willing to cede in the interest of protecting the other?

On Thursday, a man killed more than 80 people in Nice in an apparent act of terrorism. It couldn't have happened at a worse time for France.

Not only was the country just getting over last November's terrorist massacre at the Bataclan in Paris, but it is currently engulfed in electioneering for a presidential contest where far-right candidate Marine Le Pen has a real chance of success.

So Thursday's attack - on Bastille Day, France's national day of pride and celebration - could scarcely have been more provocative, or come at a more sensitive time for policy-making.

Predictably, there are already renewed calls for a crackdown on internet encryption, used in services such as Apple's iMessage and Whatsapp. Such services, the hawks argue, "help terrorists communicate" outside the detection abilities of law enforcement.

France, so badly hurt by fundamentalist terrorism in the last two years, will surely now struggle to contain such calls. It has already laboured to dampen internal parliamentary resolutions aimed at forcing technology firms to create so-called security 'back-doors' for French investigators. To date, it has managed to temper such debates with appeals to freedom and liberty.

But like every government, it is set to once again wrestle with how to protect its populace from attack while not creating an over-weaning Big Brother state.

Against this background, it is remarkable that our pro-privacy sensibilities have to now held fast across the European Continent. The British government was largely stopped from introducing encryption-busting legislation this year by public outcry and the personal intervention of Apple boss Tim Cook.

Meanwhile, at the highest judicial level, the European Court Of Justice has made it clear that authorities simply aren't allowed to snoop on us in a sustained, bulk-based manner.

We've even managed to export the idea abroad.

Last week, the US government accepted tighter new privacy controls on how its authorities could collect EU citizen data. (The so-called Privacy Shield agreement may end up being challenged again at European Court level, but if the Americans adhere to what they have committed in writing, it will still be seen as a privacy advance of sorts.)

And a landmark court case in a New York last week saw Microsoft successfully argue that emails held on its Irish servers cannot be demanded as part of US police investigations. That's a case that the Irish Government, as well as EU privacy groups in general, had a particular interest in.

But even as privacy advocates celebrate such pivotal judicial decisions, the nagging background question remains ever-present: what happens when terrorist attacks start to get really bad?

If we were living in Nice, how would we answer a question about encryption integrity versus anti-terrorist investigation?

The real answer has always been one based on compromise. In short, almost all of us are willing to put up with compromises in our security to maintain privacy. We don't allow gardai enter our homes without a judicial warrant, even though it's statistically likely that over one in 10 homes has some sort of physical abuse going on.

It's almost exactly the same compromise with privacy. We are unquestionably willing to compromise some of our privacy in the name of security. (If you doubt that, just walk down any Dublin city street and count the number of CCTV cameras trained on you.)

For most of us, neither security nor privacy is an absolute. Both only exist where other factors don't egregiously interfere.

So when it comes to the immediate future of privacy totems - such as encryption and bulk surveillance - our attitude will undoubtedly be shaped by whether (and to what extent) we see terrorist activity on our doorsteps.

In Ireland, I suspect our commitment to the absolute ideal of privacy is a little shallow anyway. In other areas of equity and due process, we don't hesitate to compromise when it seems right. Our longstanding acceptance of the Special Criminal Court is testament to that.

But if ever there was a time when privacy needs a champion, it's probably now. While the world continues to suffer attacks from terrorists, the number of devices capable of being tapped as would-be intelligence sources is growing exponentially.

It's not just our email, Facebook and Whatsapp accounts. It's our cars, our security cameras and our 'smart' thermometers. It's even our smartwatches, taking medical readings. The tech companies may insist that everything they're offering us is secure. But the laws we write in the next five years will decide the context.

Our lives are set to be far more snoopable now than they ever were.

Sunday Indo Business

Business Newsletter

Read the leading stories from the world of Business.

Also in Business