[ArsTechnica] Brussels terror attacks: Why ramping up online surveillance isn't the answer
Two days after the attacks, EU ministers met in Brussels at an emergency justice and home affairs council, and predictably demanded more access to our Internet histories, more powers to track people, and more ways to break into our private communications.
The European People's Party has reportedly said it wants personal data on everyone who takes a train to be stored. Meanwhile, a so-called Passenger Name Record is in the works for all airline passengers.
And, even before the terrorist attacks, Belgium officials were mulling the expansion of the country's data collecting and storing laws. Never mind that the European Court of Justice, and the Belgian Constitutional Court have ruled that data retention is illegal. My adopted country also plans new surveillance legislation that would allow intelligence agencies more freedom to eavesdrop on cross-border communications [...]
I am not opposed to proportionate and specific surveillance. My opposition, on principle, is to mass unjustified collection of personal information "just in case." Just in case of what? In case we're all closet terrorists?
Predictably, Europol Director Rob Wainwright blamed encryption. He told POLITICO. “Encrypted communication via the Internet, and smartphones are a part of the problems investigators face in these instances. We have to find a more constructive legislative solution for this problem of encryption.”
Since when is encryption a problem? [...] Using crypto tools doesn’t mean you are a terrorist. Weakening encryption will just create vulnerabilities that will be exploited by the very criminals and terrorists we want to stop. [...]