By Max Musson:
Anyone who has worked in a managerial capacity for a major bank will be familiar with the concept of ‘moral risk’ and the basis of this concept is the premise that if someone is routinely given the opportunity to perform a dishonest or immoral act that is to their own advantage without anyone else finding out, then sooner or later they will take advantage of that opportunity.
While bank employees routinely have the opportunity to embezzle the funds of a bank’s customers, banks therefore employ, sometimes simple and laborious but often complex administrative systems designed to ensure that should such embezzlement take place, the employees concerned will eventually be discovered. It is the certain knowledge that they will eventually be caught that prevents bank employees from routinely embezzling their customers’ money.
Bearing in mind the principle of ‘moral risk’, it is all the more disconcerting therefore when one considers the implications of CIA whistle blower Edward Snowden’s most recent revelations about breaches in Internet security created by the British and American secret services.
According to top-secret documents revealed by the former intelligence contractor, extracts from which have been published simultaneously by the Guardian newspaper, New York Times and the investigative news website, ProPublica, US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails. These files show that the US National Security Agency (NSA) and its UK counterpart GCHQ have extensively compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.
The widespread use of encryption for online communications and transactions has been viewed by the intelligence agencies as one of the biggest constraints upon their ability to freely monitor internet traffic and therefore a range of measures have been employed to circumvent such encryption.
These methods include: covert measures to ensure NSA control over setting of international encryption standards; the use of powerful supercomputers to decipher encryption algorithms; and the most closely guarded secret of all, direct collaboration with technology companies and internet service providers.
In this latter respect, the security agencies have in collaboration with technology companies and internet service providers, inserted secret vulnerabilities, known as ‘backdoors’ or ‘trapdoors’, into commercial encryption software.
The documents released by Edward Snowden indicate that the security of Microsoft systems has been compromised together with Hotmail, Google, Yahoo and Facebook and a situation now exists in which the security services have access to sensitive and confidential information transmitted on the internet, including most encrypted information relating to individuals’ medical records and online banking.
Irrespective of whether or not one believes it is a good idea for the security services to have access to private and confidential information in their battle against ‘terrorism’, the current situation raises two very serious issues:
Firstly, the principle of ‘moral risk’ has been ignored and while the 850,000 cyber snoopers employed by the NSA in the United States, and the additional thousands employed by GCHQ here in the UK may have signed the ‘official secrets act’ or its US equivalent and can possibly be trusted not to reveal information gleaned that impacts upon national security, the need for secrecy and stealth with regard to their activities means that it would be almost impossible to enforce the kind of systems that banks use to deter and prevent embezzlement and fraud by their employees.
Potentially therefore, hundreds of thousands of people employed by the security services will have knowledge of the ‘back-doors’ that enable them to circumvent the encryption of online banking accounts and will have the ability to abuse this position of trust in circumstances in which no-one would ever find out. No wonder cyber crime is on the increase!
How many ‘Edward Snowdens’ have there been who have kept their mouths shut about what they know and who have instead used their insider knowledge of encryption weaknesses to siphon money out of innocent people’s bank accounts?
We will probably never know.
Secondly, where ‘back-doors’ exist in software, with respect to pass-worded software accounts and confidential encrypted accounts, we can be certain that organised crime syndicates will be employing large numbers of criminal ‘wannabe’ ‘Edward Snowdens’ to search for the ‘back-doors’ that exist, and it does not take a genius to imagine the havoc that could be caused if organised criminal gangs gained online access to the bank accounts of individuals, corporations and governments and have gained access to the central databases of government agencies.
Lastly, for those of us who do not trust government agencies to always exercise the powers they have in the public interest, the knowledge that the security services have gained access, not just to a mass of personal information that is stored and transmitted online, but also to our bank accounts and all of our online accounts, means that political dissent cannot be conducted by lawful opposition groups and political parties with any degree of confidentiality, unless the groups and political parties concerned operate as if they are illegal organizations and employ the same kind of deceptions, money-laundering and information laundering techniques that organised crime syndicates employ.
Under the Political Parties Elections and Referendums Act 2000 here in the UK it is illegal for a political party to operate in the covert way suggested above and therefore any truly revolutionary political party will always operate at a decisive disadvantage relative to the establishment parties in power, because as a result of the reporting requirements of this Act and the ability of the security services to conduct intrusive surveillance of the kind we are discussing here, the establishment parties will always know what resources are available to any genuine opposition parties, what their plans are, who their personnel are, and full details of any potentially embarrassing information which could be used to discredit those parties and/or their leading members.
The traditional political party route to power is therefore no longer an option for any truly reforming opposition group.
In fact, we have reached a situation in which the draconian powers employed by governmental agencies are so pervasive, intrusive, oppressive and intimidatory, that any right-minded citizen would regard them as tyrannical and should feel inclined to oppose them as a matter of principle.
We are therefore just one step away from a situation in which to dissent from government policy is in itself regarded by governmental agencies as evidence of criminality – and this is very dangerous.
Once governmental agencies start to regard political dissent as tantamount to criminality, and they have as routine the opportunity to abuse their internet access to public and private records and to private bank accounts etc., without anyone finding out, then the principle of ‘moral risk’ tells us that they will sooner or later begin taking advantage of these opportunities to sabotage lawful political dissent and lawful political opposition and we will find ourselves living under a tyrannical, totalitarian regime.
Furthermore, imagine just for a moment a situation in which a reforming political party that is opposed to the current regime’s policies of multiracialism, and globalism etc., achieves a position in which it starts to enjoy the majority support of the British public with a general election approaching.
What would the current government do?
More to the point, what would they not be prepared to do, out of a sense of fair play and propriety, in the absence of any technical constraints?
The banking experience is that if governments can through our security services gain access to and high-jack the online accounts of dissident groups, in circumstances where no-one will ever find out, there is nothing they would shy away from doing by way of sabotage, if it would be to their political advantage.
Power corrupts, and absolute power corrupts absolutely, as they say!
By Max Musson © 2013
# # # #