You are driving home from work. It’s the 000th time you have made the journey. Car dealerships to the left and office blocks to the right of you are familiar sights. But something is different about this car journey. As you lift your right foot from the accelerator and apply it to the break, nothing happens. Your car, hurdling past those familiar landmarks, is unable to stop. Repeating the motion bears no fruit, however frantically you try to bring your car to a halt. You have lost control of your brakes.
Frightening scenario? It’s a reality which leading car manufacturers have had to face up to. Proper safeguards to prevent hackers from controlling automated cars have not been put in place, to the detriment of passenger safety and commercial reputations.
Last month, Fiat Chrysler recalled 1.4m automobiles after it was revealed that they could be remotely controlled by a third party. Earlier in the year, researchers from Germany succeeded in unlocking the car doors of BMW vehicles from a smartphone.
The same problem – a lack of encryption – blights the ability of information handlers to guarantee that data collected and transmitted using wireless, unencrypted devices won’t fall into the wrong hands.
However, this is not attributable to lazy law making. On the contrary, it has been the intention of policy makers to ensure communications encryption is relatively weak. We want to encrypt the software in our cars, but it is harder to find consensus on encrypting our digital footprint.
A review was conducted into communications encryption 2015. In A Question of Trust: Report of the Investigatory Powers Review, David Anderson QC asserts that “authorities fear developments such as universal default encryption”. The perceived need for information encryption is driven by a number of factors, the will of the public and campaigners being one of them. Edward Snowden’s surveillance expose in 2013 further heightened a growing public desire for universal data encryption. Apple, Google and WhatsApp responded by offering greater encryption safeguards.
Yet, the swell of public opinion in favour of communications encryption further strained what little consensus existed between the public and intelligence authorities on encryption.
Nervousness on the part of UK and US intelligence services increased markedly following the post-Snowden encryption surge. In 2014 the head of GCHQ condemned aforementioned service providers for creating a “command control network of terrorists”. In the same year, the director of the FBI said that the “post-Snowden pendulum had swung too far” towards encryption. And, in January 2015, David Cameron promised to eliminate “safe spaces” for terrorists.
Evidently, encryption is relatively non-divisive when there is little conflict of interest between policy makers and the public. With regards to cars, policy makers have much to gain by allying safety concerns. There is no tug of war. But the issue is not so black and white when it comes to regulating encryption of data, as the to-and-fro between proponents of encryption and unencrypted data indicates.