There was a brief setback to Britain’s plans for a comprehensive data law last month when a key witness at an official hearing dropped a bombshell, telling lawmakers that the Bad Guys do not openly communicate their evil intentions on Facebook or any other media that they might monitor.
Only the most stupid type of criminal or hapless activist should fear new police powers to access personal communications, Britain’s Information Commissioner Christopher Graham told the panel of supposed experts.
“If you are the sort of international terrorist or organized criminal whom this system is designed for, you presumably will have the wit not to go to one of the big six [providers],” he said. “You might well be able to afford…your own private network registered overseas and then all your traffic will be encrypted and you’re home free. The really scary people will have worked that out for themselves."
He added, “This is a system which, on the face of it, is looking for the incompetent criminal and the accidental anarchist.”
And, of course, he was right. If we were living in a sane world, the lawmakers here would have had a mighty pause for thought. Such a revelation should have shaken their faith to the core. Why else would they devote so much energy to observing the population at large if not to weed out the criminals?
Logically, at this point, the legislators – knowing they were barking up the wrong tree – would instantly drop all attempts to monitor the general public, certain that they would fail, and look elsewhere in their quest to combat crime. Curiously, that was not the case.
Those with the wit long ago abandoned the surface web in favor of the hidden networks of the deep web. Drug dealers, gun runners, contract killers, pedophiles and terrorists are all plugged into a parallel Internet that allows them to communicate secretly among themselves, to post what they like and download all manner of material.
They can buy and sell using their own underground currency, the BitCoin, and nobody can trace them.
Doubtless, Mr. Graham’s comments came as little shock to those in Britain’s security services because they also use these hidden networks for their own nefarious purposes.
For all anybody knows, there are hundreds or thousands of hidden networks. Back at the turn of the century, the U.S. Navy invested in one particular network – known as the Onion Router, or Tor, for short – and it is widely used today by numerous agencies and others to transmit and receive sensitive information.
As it happens, anyone can access Tor by downloading and installing the free Tor/Firefox browser. This diverts Internet traffic through a worldwide volunteer network of servers to conceal a user’s location and activities, effectively hiding users among all the other users. It works by encrypting and re-encrypting data multiple times as it passes through successive Tor relays. This way the data cannot be unscrambled in transit.
Any criminal worth their salt will know that Tor has its flaws and should not be considered completely safe. Although the IP address is concealed, a digital fingerprint can linger allowing someone accessing the local network – a Wi-Fi provider or an ISP working with law enforcement – to glean some idea of a person’s activities.
As such, extra levels of security need to be added. There are secure email services like TorMail and social networks where users share documents, photos, videos, music and other things with total anonymity.
With the Tor browser up and running, the best entry point is the Hidden Wiki which lists other hidden networks, secure email and messaging services, Deep Web search engines, and numerous disreputable businesses, through to the kind of pornography that would give most people lasting nightmares.
There is also a very odd feel to the place. Traveling on the Onion Network is like going back in time to the days of dial-up when pages took an age to load and there were no flashy graphics. But everything is here: websites, bulletin boards, forums and even clones of Twitter and Facebook.
It is just possible that Britain’s parliamentarians tasked with drafting the new communications law are entirely clueless. But it would seem very strange if the police knew nothing of these hidden networks.
So why are police forces globally fighting hard for enhanced surveillance powers? There are two possible explanations. Either they do know all about them but actually want the enhanced powers to keep tabs on the rest of us for other unstated purposes. The other alternative is that they are less than bright, but that’s not very kind.
Over in Canada, the police are vigorously campaigning for the resurrection of Bill C-30 to monitor citizens without the need for those pesky warrants, and they don’t want to be left out when everybody else is doing it.
“Canadians need the same protection against criminals that other Western democracies enjoy,” insists the country’s top policeman, Jim Chu. He apparently believes the police should be able to access all personal data including medical records in the fight against crime.
“If we stand by and do nothing, criminals will continue to exploit today’s technologies to criminally harass and threaten others and commit frauds, scams and organized and violent crimes with little fear of being caught,” Chu said.
Actually, Officer Chu, this is precisely what is happening and there is nothing you can do about it.