Panama Papers score major points for encryption at a critical time in its survival

If anybody was unconvinced by the influence of technology – or an inadequate use of it – on global events today, they need look no further than the recent hacking of Panamanian law firm Mossack Fonseca.

On April 3, newspapers reported that 11.5 million of the company’s confidential documents, dating back to the 1970s, had been leaked. Since then, the worldwide news agenda has been dominated by revelations of people whose wealth the law firm helped hide in tax havens away from public scrutiny.

The leaked documents have implicated current and former world leaders spanning Europe, South America, Asia, Africa and the Middle East, including our very own prime minister David Cameron, whose father ran an offshore fund through Mossack Fonseca that avoided British taxes for 30 years.

While most of the exposures are not illegal, the data leak, which is the largest in history, has sparked a critical global debate on the morality of tax avoidance and the laws that enable it.

The irony through all this is the role of encryption – in both the data breach of Mossack Fonseca in the first place and the subsequent leak – at a time when government bodies are attempting to weaken companies’ use of it.

Extraordinarily, given the secrecy of its operations, Mossack Fonseca did not encrypt its emails and was running an old version of Drupal with several known vulnerabilities, according to security experts.

The source of the leak made no such mistake, communicating with reporters through encrypted channels only. And when he first contacted them more than a year ago, he made clear they would not get the documents unless his anonymity was preserved throughout.

>See also: Privacy vs. security: how businesses can master the balance

In the time since then, as journalists crawled through 2.6 terabytes of data in order to break the news as effectively as possible, the British government has stepped up its determination to pass the Investigatory Powers Bill, which seeks lawful powers for government bodies to bypass any company’s encrypted communications.

Meanwhile, the FBI attempted to force Apple to unlock an encrypted iPhone recovered from one of the terrorists involved in the December attack in San Bernardino, California. Apple refused, but the FBI found a so-called 'third party' who helped unlock the phone without Apple's help.

Many commentators expressed worry that the FBI had the ability to do it all along, but wanted Apple, the world’s most valuable company, to set a precedent in allowing government and security bodies to bypass encryption.

Institutions like the British government and FBI should be fully scrutinised in their opportunistic and scaremongering efforts to jump on terrorist atrocities as a method of manipulating people into backing their long-held political agendas for blanket surveillance.

Security agencies should be praised for their work in combatting terror attacks, but any claim that such protection can only come at the expense of a parallel attack on privacy in the digital age is wrong and dangerous.

Encryption has become a vital enabler to two fundaments rights today: security and privacy of the innocent. Technology companies must stand together with citizens of the world to preserve its capabilities and independence from government interference.

Avatar photo

Ben Rossi

Ben was Vitesse Media's editorial director, leading content creation and editorial strategy across all Vitesse products, including its market-leading B2B and consumer magazines, websites, research and...

Related Topics