THE BLOG
04/02/2015 05:05 GMT | Updated 05/04/2015 06:59 BST

You Can Try to Ban Encryption if You Like, Mr Cameron, But Don't Expect the Rest of the World to Follow Suit

"In extremis, it has been possible to read someone's letter, to listen to someone's call, to listen in on mobile communications... The question remains: are we going to allow a means of communications where it simply is not possible to do that? My answer to that question is no. We must not."

These haunting words from David Cameron in the wake of the Charlie Hebdo attacks have raised a few eyebrows and posed a number of questions in the tech community. Does he mean a wholesale ban on encryption? Does he want government access to every single encryption algorithm? If so, he is embarking on an isolated road on which he will find it hard to get others to join him. The compound effect, if he was successful with such a ban would be so vast, it would spell the end of privacy and cyber-security as it is known in the UK.

Much as prohibition did not work in 1920s USA, outlawing technologies simply will not work now. Do we really want to create a software black market, where people covertly swap apps like censored books changed hands behind the Iron Curtain? As for the terrorists, they will always find a way to communicate; those who wish to evade detection will simply employ other steganographic techniques while the rest of us suffer from a lack of privacy.

Not only is David Cameron's approach to cyber security unnecessarily severe, it points to a lack of technological understanding. Attempting to ban encryption is virtually impossible to do; it's essentially an attempt to ban maths. His proposition is almost like saying 'let's reduce burglary by removing all the locks on our doors so the thieves have nowhere to hide'.

It is also statistically improbable for mass surveillance to be an effective solution for catching terrorists. Ray Corrigan, a senior lecturer of mathematics, computing and technology from the Open University argues that by treating everyone as a suspect it will generate so many false leads it will put more pressure on an intelligence service that we are told is already stretched. As Dr Corrigan puts it: "terrorists are comparatively rare, so finding one is a needle-in-a-haystack problem. You don't make it easier by throwing more needleless hay on the stack."

What he fails to understand is that encryption with selective backdoors isn't practical; there isn't a backdoor for the good guys or that is guaranteed to stay closed for the bad guys. The government need to rethink its approach to this; it cannot hold a key without letting everyone else in. This will prove detrimental to the very people it's trying to 'protect' and potentially leave a vulnerable single point of failure, attractive to all hackers.

In light of the Snowden revelations, we are in an age where data privacy fears are a monumental cause for concern, and a ban will not satisfy the worries of the British public. Every day, people are worried about their data being collected; the idea of the government becoming an omniscient presence will undoubtedly threaten the free and open Internet as a result.

The majority of social media and messaging apps are global, it would be astonishing if they were willing to compromise their default encrypted services to comply with new UK laws. Recent research from Open-Xchange has shown people have stopped using online services and apps because the threat of their data being collected far outweighs the benefits they receive. App developers are unlikely to want to lose any more users, and it would be far easier to shut off a service in one country than compromise every user around the world.

The recent Sony hack has shown all too painfully the dangers of businesses holding unencrypted content on their servers. Could a UK encryption ban make UK based businesses prime targets for cyber-criminals wishing to extort money in return for not leaking highly sensitive data? Would any security-minded international business consider running data operations out of the UK? The financial services sector that Mr Cameron so openly courts are unlikely to be impressed with the prospect of the government holding the keys to their data, unless there is one rule for big business and one rule for you and me.

Mass surveillance and removing privacy rights are tools of suppression normally used in countries like Syria, China and Iran. This is somewhat a paradoxical approach considering Mr Cameron's previous insistence of 'upholding British values' and not using the internet as means of repression. The West has to show that it has a respectable culture and that it is the 21st century option to medieval governmental systems - the idea of an unencrypted Internet should be solidly rebuffed.

Rather than ill-conceived, reactionary measures, Mr Cameron should realise it's not a lack of access to data that's preventing better detection of terrorists: Instead, put more resources into analysing the data and what to do with the access they currently have: Tempora proved the UK Government already has more access than it needs. In an age where privacy is already a pressing concern, we can do without our civil liberties being eroded even further.