In a move picked straight out of an Edward Snowden scenario, and the NSA field manual, the Norwegion secret police (“PST”) is considering the development and deployment of methods to “intercept data at such an early stage that it has not yet been made unreadable by encryption” (M.B. Bjørnland, director of PST, May 30th 2016). The director describes this as a “pinpoint” method, which will be designed to target individual computer systems (i.e. the PC on your desk) with a lawful warrant as a base, using keyloggers and other black hat tools to intercept input and data before file encryption can make the information inaccessible.
Naturally, the privacy concerns are extremely serious, arising both from the risk that the tools (if they can indeed be developed) will be used on a much wider basis than the “pinpoint” basis the director describes, and from the risk that the tools will be mishandled, abused or leaked. In a move resembling those of cold war Stasi and indeed the NSA, the Norwegian secret police has decided to employ a well known argument, in that the “infringement” on privacy is a minor one compared to the impact that terror and serious crime has on its victims. In doing that, the agency has made use of an argument which is already known to be a false one – should the tools they plan to employ be mishandled or end up in the wrong hands, they themselves have created terror, and become the terrorists they so fear, just like the NSA in the US.
Law abiding citizens in the US are already living in fear of government surveillance, with more and more information on just that appearing every day. The US is certainly in a special condition, seeing as the entire legal system seems to be breaking down, police is being militarized and wide spread surveillance is not only theorized, but proven, again and again. That is not to say that the methods, symptoms and effects can’t spread outside the US. Norway, widely regarded as one of the most liberal and free countries around, is about to take a giant leap in that direction.
The PST (secret police) director opines that the agency has been “lagging behind” the technological advances, and that developing and implementing these black hat tools will make up for that disadvantage, making the agency better equipped to prevent and deter the most grievous threats to the nation’s security. What it in reality will do, is make law abiding citizens as well as would be criminals, protect themselves better against data theft. It will lead to new detection tools being developed, and an even more wide spread use of VPN tools for direct encryption and hiding of network connections, better protection against root kits, key loggers and connections detection, etc. etc.
The detection, prevention and deterring of terrorism and serious crime is certainly a challenge, and information gathering is a massive part of that work. However, with the use of black hat tools that can break into computers, activate web cameras, browse files and in essence, hijack an entire personal computer system, law enforcement will create the potential for unparalleled intrusion into personal lives – a potential which will be a massive carrot for anyone brazen enough to try and get their hands on it, for more nefarious reasons.
While the Norwegian police may not have sinister motivations, we do know that a list of precautions is in order for anyone who wants to keep their privacy intact, online and offline:
- VPN connections when the computer is connected to a network.
- File encryption for any files that are sensitive.
- Updated virus scan and malware scan software.
- Fully updated Windows installation, or other OS where applicable.
- Connections monitoring – see who’s on your home network.
Protecting other devices than computers (Macs and PCs) is a whole other matter, but as recent US court cases involving Apple and the FBI have shown, that might not be a serious concern yet. “Wiretapping”, of course, is a known law enforcement method, which is both traceable and difficult to achieve without access to highly protected services.
The development in Norway is still ongoing, but in the US, the horror movie scenario is already a fact. Security is for everyone, and you should take steps to protect yours today.