The UK government has stated more than once that it wants to ban strong decryption. The most recent report on this is this one from the BBC.

You may think it odd to find this blog in the thread on espionage, but it is not really: the government wants to prevent the use of strong decryption so that they can spy on us all (to protect us against terrorism, tax evasion/avoidance etc.).

Strong encryption is used in many places: WhatsApp, Apple's iMessage and Skype are some of the most well known, but banking and financial services are another area of our lives that depend on keeping data secret.

So why am I so against government having the ability to spy on my data? After all, they are only suggesting that it be used after a legal warrant has been granted. Well, here is my "off the top of my head" list:

1. Despite laws and other rules, spying happens without warrents, not only by the US NSA, but also by the UK's GCHQ, and we only find out about it through the efforts of whistle-blowers such as Edward Snowdon;
2. Governments around the world have a really poor track record of keeping secret information secret (a recent example is the breach at the US OPM [Office of Personnel Management] where the personal information of at least 21.5 million people seems to have been stolen), and any law that allows government to collect data about me is just a pathway to making my data public;
3. I have a right to privacy, and government only has a right to breach that if they can first prove that I am a law breaker (the right to be treated as innocent until proven guilty);
4. The last government attempt to limit or undermine encryption technology for security reasons opened back-doors for hackers. This one will do the same, since if the law prevents me from strongly encrypting my data, it is not only government which will be able to hack into it; criminals will also be able to steal it.

The idea of only allowing weak encryption, to enable government to spy on us for whatever reasons, is akin to a law requiring us to leave all our homes and cars unlocked so that the government can search them whenever needed: the whole concept is disproportionate, and in violation of our rights.

This BBC story highlights the kind of thing which can happen with weak encryption. In this case, the lack of security is due to incomptence and irresponsibility by Globalstar (there is simply no encryption), but the results will be the same if weak encryption is used. The Globalstar satellite-based system is used to keep an eye on trucks, cars, containers and ships as they move around: that could include both valuable cargo (e.g. armoured cars used for cash transport) and hazardous cargo (e.g. toxic or radioactive waste). The lack of adequate security (lack of strong encryption) means that not only can criminals and terrorists find out where items are, but they can spoof Globalstar's system into thinking that they are somewhere else; all this makes stealing valuable and dangerous goods very easy.

Think about another scenario: you lose a significant amount of money due to a hacking attack on a financial institution, so you sue them because their cyber-security was not good enough. Their defence is that weak encryption is now mandated by law. Now your only recourse is to sue the government for enacting stupid laws: good luck with that!

The bottom-line is that we need strong encryption. Nowadays, the Internet is deeply embedded in our daily lives: every day more so. The data on the Internet and in computer systems in general needs to be safe, when stored and when in transit. If your government makes it illegal for you to use strong encryption, you have options: get a mobile phone in a different jurisdiction, move any servers out of reach of the new laws, change your cloud storage provider, and may other choices. I hope it doesn't come to that.