For some time now, the struggle against cybercrime has enjoyed a prominent place on the political agenda. The government of the United States in particular is worried. The denial-of service attacks against a number of important commercial websites, including yahoo! Amazon.com and CNN were grist to the mills of American law enforcement. In these attacks, enormous amounts of information were sent simultaneously, causing a traffic jam in the computers which put the websites temporarily out of action. It was like a shop blockade, but then in cyberspace.
The American Attorney General Janet Reno immediately demanded an increase in the budgets for law enforcement and extended powers to facilitate the apprehension of cyber-criminals. The budgets deployed for the fight against cybercrime are already impressive. In January 2000, president Bill Clinton announced a package of measures worth 2 billion dollars. The money was invested in educating computer security specialists, research into computer security and public and private programs in this area. “Our agencies will obtain the capacity to track down and prosecute cyber-criminals over the entire world,” assured a militant Reno. That’s some promise.
The cybercrime virus has infected authorities over the entire globe. Three components crop up every time in the rhetoric on the threat of cybercrime, cyberterrorism and cyberwarfare; the vulnerability of the digital infrastructure, the use of the Internet to commit digital crimes and the use of encryption to communicate freely and to suppress evidence. No hard statistics on the actual dangers are given; instead, there is a lot of shuffling with statistics and anything remotely connected to hacking is consigned to the great pile of cybercrime. The authorities emphasise the dangers of a perilous, uncontrolled cyberworld in order to obtain extensive authorisation to survey data, to track and to intercept.
This Cryptography Dossier sheds some light on the attempts of the authorities to make the Internet interceptible, paying special attention to the ways in which they try to tackle the problem of cryptography. Bringing the Internet under control is an international affair. This dossier highlights organs like the P8, the Council of Europe and the European Council of Justice and Home Affairs, all of which are difficult to control. These are the forums where the industrialised countries discuss the harmonisation of technical standards that will enable the interception of Internet communication, the harmonisation of powers to track down and trace people and cooperation by cross-border investigations into cybercrime. The measures agreed upon in these forums trickle down either directly or through treaties into national legislation.
Regular as clockwork, police and intelligence services announce that they might as well close up shop if no solution can be found to counteract encryption programmes. This view is diametrically opposed by civil rights groups, which regard encryption as an important means by which to preserve privacy in the digital world. The business community is also an important participant in the discussion. Reliable encryption is indispensable to anyone engaging in digital commerce.
This dossier describes the various efforts made either to ban encryption or to keep it under strict control, as well as law enforcement’s latest methods. Now that it is clear that encryption cannot be stopped, the authorities are grasping at other investigative methods by which it can be circumvented.
Privacy and the rights of suspects are the poor relations of digital developments. This has become especially true since the intelligence services have devoted themselves with a vengeance to the digital hunt. Making and keeping this form of communication open to interception is very important for intelligence services. Enormous interception networks that pluck messages out of the ether before searching them for keywords are an inexhaustible source of political and economic intelligence. It is almost impossible to control the work of these intelligence services.
A number of European member states have begun to express serious criticism of Echelon, the worldwide interception network of the United States, England, Canada, New Zealand and Australia. Court cases are being prepared, detailed articles on Echelon are appearing in newspapers and serious controversies are taking place. The Hague is enshrouded in the customary deathly silence with which it habitually greets matters of any significance.
Whoever enters the Internet leaves an easily followed trail of digital paths behind. The increasing digitalisation of society is making citizens’ actions and transactions more transparent by the day. This offers unforetold possibilities to investigate and pro-actively chart “possible” criminal groups. The police and judicial authorities are nibbling away at the compartments of the multitude of databases containing information on citizens. Increasingly, the activities of police and intelligence services are beginning to overlap each other.
The police and law enforcement’s continual lament that they are light years behind the high-tech criminals is, first and foremost, a recurring theme in the opera entitled “Give us an increase in our powers”. The digital world is a treasure chest full of virtual temptations enticing law enforcement to conduct new, groundbreaking research.