For a security commentator, staying apolitical is getting harder with the increasing politicization of cybercrime and cybercrime management, and the increasing fuzziness between cyberwarfare, cybercrime and other cybernastiness. Not to mention the can of worms labelled hacktivism.
The current crimewave in the UK, whether or not one believes it has some genuine basis in political activism (and it’s hard to see how looting televisions and robbing the injured will eradicate injustice), may not be cybercrime as we’ve been accustomed to think of it, but it does have an IT dimension. Adding further items to the list of discomforting ways to use social media, with Twitter and Facebook and even BlackBerry Messenger used for communication between prospective participants, has also exposed inconsistencies in some political assumptions.
Thomas Mann once wrote that everything is politics, and I think he was right: Restricting the label “political” to the activities of those who have offices just off the corridors of power simply gives them leave to play in their own sandbox with a minimum of interference from those whose lives they regulate on so many levels. But that being so, it’s not surprising that the ever-more-pervasive influence of the internet on society is not always seen as a positive, and a single service (or even a single protocol) can be both a good thing and a bad thing.
The British government’s sudden desire to co-opt Facebook, Twitter and RIM into a law-enforcement strategy is symptomatic of a realization that state perception of the validity of media freedom is not based on absolute values but on context. One nation’s social threat is another’s liberation movement. It seems that it’s not only China but the Geek Peninsula (sic) that has trouble distinguishing between shutting down BlackBerry Messaging and the Great Firewall of China.
Actually, there’s nothing new here in principle. Messages relating to criminal activity can be carried as easily (if not as quickly) by snail mail, and postal carriers (like telephony providers) usually expect to be required to cooperate with law enforcement agencies at least some of the time – relatively few people get overly heated about defending the rights of paedophiles or bombers. The real difference is in the immediacy of more recent social media in the age of the smartphone. In fact, I take that back. It’s not just the immediacy, but the visibility of the media. And I don’t just mean the fact that Twitter and Facebook are readily available practically anywhere to anyone with a smartphone (and if you have a BlackBerry, that extends the third leg of the tripod…)
Consider the humble SMS texting service: Twitter and similar SMS-based services haven’t really extended the possibilities of the simple text much in terms of content. However, the volume of people who can be reached by a single text is revolutionary (just ask @LulzSec…) Even worse (as regards tweets and other posts that are “anti-you”), the whole online world can see the damage. I guess we’ll see in due course whether conversations between the vendors in question and the UK’s home secretary extend to the kind of routine interception of encrypted messages that some states have demanded from RIM, or will simply formalize interception on request (backed up by due legal process), possibly augmented an agreement to supply general intelligence that might precede such legal process.
It doesn’t seem likely, though, that we’ll see a more generalized Great Firewall of Great Britain in the near future as the services currently being discussed are probably too big and too popular for cheap, easy retrofitting with some kind of killswitch. Still, the combination of size and visibility does mean that it’s harder for the major social networking providers to fall back on the “common carrier” argument (“we just carry messages, we don’t police them…”) used in the past by email providers. Massive misuse of the social media is just too in-your-face to be ignored.