Defending the last missing pixels: Phil Zimmermann speaks out on encryption, privacy, and avoiding a surveillance state

Since writing the PGP encryption software in the 1990s, Phil Zimmermann has been a key figure in the internet privacy debate. With that argument heating up again, his perspective is more relevant than ever.

Walk into London's Victoria and Albert museum design, pass the queues admiring the fashionable frocks and rooms full of classical statues, and you'll come to a glass case. Look inside and you'll see the remains of a thoroughly trashed MacBook, and, a little down and to the left, a small, black, unblemished smartphone.

The ruined MacBook was owned by the Guardian newspaper and held a copy of the files leaked to the paper by by NSA whistleblower Edward Snowden, or at least it did until it was destroyed with axle grinders and drills following pressure from the UK government (all of this was pure theatre of course; duplicate copies of the files on the machine existed elsewhere).

The smartphone is better known as the Blackphone, the handset developed by a company called Silent Circle with the purpose of keeping its customers' conversations as private as possible.

The hard drive and smartphone tell different parts of the same story: how technology is at the heart of the battle over what privacy should, and does, mean in the twenty-first century. The smashed MacBook embodies how governments try (and fail) to contain their secrets (particularly ironic when the secret they want to protect is that they are spying on us) while the smartphone reflects the attempts of individuals to keep their communications private.

Phil Zimmermann
Phil Zimmermann
Image: Silent Circle

The Blackphone is the latest project from Phil Zimmermann. Over the last three decades, Zimmermann has been building encryption technology has ensured the security of countless messages. If you've ever had any secrets held about you on a computer—and everybody has secrets, even things as simple as tax records and credit card numbers—there's a good chance that Zimmermann's technology has helped keep them secret.

At a recent private viewing of the exhibition that features the Blackphone, Zimmermann pondered what the emergence of whistleblowers like Snowden says about the current state of privacy.

"The moral problems with the behaviour of our intel agencies should give us pause, should get us to step back and question, 'What are we getting our intel agencies to do?' We should take another look at this. We should try to restrain them more," he told the audience.

"This has been my motivation for my entire career in cryptography," he says. "The driving force is the human rights aspect of privacy and cryptography and ubiquitous surveillance, pervasive surveillance... We live in a pervasive surveillance society."

As he spoke, the radio of one of the watching museum guards squaked briefly and loudly into life, neatly illustrating Zimmermann's point.

Miss the mortgage, code the crypto

Encryption is the process by which data—be it an email, phonecall, or indeed any digital communication—can be scrambled so that it can only be accessed by the intended recipient.

The debate over online privacy had been going on since the emergence of the internet itself, often centred around the use of encryption, since the technology remains the best way to ensure privacy. After all, modern encryption systems mean it would take a supercomputer thousands of years to break encrypted messages without the key.

SEE: The undercover war on your internet secrets: How online surveillance cracked our trust in the web

Zimmermann has been a central figure in the debate since the start. His work on encryption has always gone hand-in-hand with his privacy activism, as he explained over tea the day before the museum's private showing.

"I can apply my crypto expertise to making a living and that fits nicely with the activism about privacy," he said. It's certainly the discussion of privacy that makes him most animated, although, as he notes, "at different times my activism has run in different directions," adding as an aside: "If I had more time, I'd work on climate change."

"If you're going to do communications on the internet, you pretty much have to do crypto"
Phil Zimmermann

In the 1980s in Boulder, Colorado, he worked as a military policy analyst with the Nuclear Weapons Freeze Campaign while juggling a day job as a software engineer.

During this period he was arrested along with Carl Sagan, Martin Sheen, and Daniel Ellsberg —quite a line-up for a geek dinner party—and 400 others for protesting at a Nevada nuclear weapons test site. It turned out the test they were trying to stop had taken place a couple of days earlier.

As the Cold War began to draw to its close, Zimmermann's interest in encryption grew as he realised the need for technology to protect private communications both across the world and at home. When the internet was just a hangout for a bunch of early adopters, security and privacy wasn't that big a deal. As it began to grow, that changed.

"The internet became a more hostile place. In the early days of the internet, it was kind of a nice neighbourhood with well manicured lawns and then it became a blighted neighbourhood so people were more aware they had to be more careful. If you're going to do communications on the internet, you pretty much have to do crypto to have any expectation of privacy," he said.

Computer used to write about Snowden.
© The Guardian/ Victoria & Albert Museum, 2015

Zimmermann began working on a project, which eventually became Pretty Good Privacy—PGP for short—an email encryption software package. It was published for free on the internet in 1991, and became the most widely used encryption software in the world. Its development wasn't an easy job, however.

"It was a hard road to get to the release of PGP. I missed five mortgage payments developing the software in the first half of 1991," Zimmermann wrote on the ten-year anniversary of its debut.

It got worse. When PGP spread worldwide, Zimmermann became the target of a three-year criminal investigation, because the government argued that US export restrictions on cryptographic software had been violated. The government finally dropped the case in 1996.

"It was shortly after PGP 2.0's release that US Customs took an interest in the case. Little did they realize that they would help propel PGP's popularity, helping to ignite a controversy that would eventually lead to the demise of the US export restrictions on strong cryptography," Zimmermann wrote.

That's because his case, along with a number of other events at the time, created a very public debate about how privacy technologies should be used. The conclusion was that, despite the potential risks that encryption might pose, governments ought not place controls on the technology.

"At the end of the 90s we saw many elements of society were reaching a consensus: that strong crypto was an important technology for ecommerce and civil liberties and privacy and a free society," Zimmermann said.

Since then, encryption has taken on the same level of importance to the internet as the Force in the Star Wars universe: a mysterious power that surrounds us and binds the internet galaxy together.

When we shop online, it's encryption that makes sure that your credit card details aren't being snooped on. When you log into your bank account, it's encryption that means you can be sure it's really your bank's website you are visiting, not a glossy fake. Encrypted databases keep your medical records safe from prying eyes, while encrypted email protects your business proposals, declarations of love, or nude selfies.

PGP is now owned by Symantec, and for the last dozen years Zimmermann has been working on encrypted voice communications protocols, and most recently the creation of a company called Silent Circle. One of the voice encryption standards used by Silent Circle is called ZRTP and as the company's website puts it bluntly: 'The Z in ZRTP stands for Zimmermann."

Silent Circle

Silent Circle launched in October 2012, jointly founded by Zimmerman and Mike Janke, a former Navy SEAL. The company counts 30 of the Global Fortune 50 among its customers, along with journalists, government agencies, and the military. The company recently raised $50m to fuel further growth.

But it's not your standard tech startup, many of which make their money from slicing, dicing, and reselling information about their customers' web habits. In contrast, last year Silent Circle moved its headquarters to Geneva—Zimmermann is also based in the Swiss city now—from Canada in search of stronger privacy laws to protect its customers' information, even from itself.

Originally when they started the company, the intention was just to pursue markets where there were people with a particular need for privacy—like journalists working in war zone—but after the Snowden revelations, "there were a lot more people that could see that there's a need for this in all kinds of situations," Zimmermann said.

zimmermannjanke.jpg
Mike Janke (left) and Phil Zimmermann
Patrick McDermott, Getty Images

Talking of Snowden, Zimmermann notes with a certain amount of pride: "Snowden got his hands on some documents that showed some products that [the NSA] had broken the crypto [on]—and none of my stuff was on the list."

Silent Circle's Blackphone device runs a security-toughened version of Android it calls PrivatOS. Calls are encrypted end-to-end which means even the company itself can't hand over the details to anyone. "We have no access to it. None. We can't disclose what we don't have access to," the company says.

Since the V&A exhibition opened, the Blackphone has been added to the collection of a second museum—the International Spy Museum in Washington DC. Its 'Weapons of Mass Disruption' gallery explores the challenges facing the intelligence community in the twenty first century.

The idea behind the Blackphone smartphone, and the tablet that followed it, is to provide an even greater level of security than is available with current hardware. The decision to move from software to hardware was in direct response to questions like 'Is your stuff NSA-proof?' which make cryptographers uncomfortable, said Zimmermann. That's because, while their software might work fine on 'clean' hardware, when running on a computer infected with malware, the software—no matter how good in theory—could prove useless. "For many years that was our caveat, but it's better to try to do something about it, [to] see if we can improve the hardware platform," he said.

The second version of the Blackphone is due out later this year, as is the Blackphone+ tablet. They arrive at a time when the old debates about privacy and surveillance and cryptography are being rerun once more.

The coming debate

Providing secure communications might seem relatively uncontroversial but the consensus built in the 1990s—that encryption is a good thing—is now on the verge of collapsing, with the Snowden documents representing the unexpected catalyst.

Governments are warning again about the dark side of encryption, claiming that it allows criminals to plot in secret because police and intelligence agencies can no longer crack their communications.

Recently, Admiral Mike Rogers, director of the NSA, said: "I certainly have great respect for those that would argue that the most important thing is to ensure the privacy of our citizens and we shouldn't allow any means for the government to access information. I would argue that's not in the nation's best long-term interest."

Lining up on the other side are the privacy campaigners and even the United Nations which argues that access to encryption is essential to protect basic human rights.

All of this is an issue again because, as a consequence of the revelations from Snowden about the extensive surveillance programmes of the US intelligence agency, more and more companies (Apple, Whatsapp, Silent Circle, and others) are making encrypted communications the standard for their billions of customers.

"All dystopian societies are surveillance societies"
Phil Zimmermann

As a result, politicians and law enforcement agencies have been making louder and louder noises that something must be done about the use of encryption—although they are vague on exactly what actions should be taken. They also generally sidestep the irony that many companies have only turned on encryption because of the massive data collection by the NSA and others.

The NSA is demanding access to encrypted communications and the UK is considering passing a law to enable the same. In contrast, Germany, with a different historical perspective on the dangers of government surveillance, not only allows encryption but positively encourages it.

Considering that Zimmermann has been through the whole encryption debate once and thought it settled, only to see it emerge again like some kind of digital Groundhog Day, he seems surprisingly relaxed and upbeat—at least about this element of the privacy battle.

"Back in the days when I was getting arrested for trying to stop the arms race, that seemed pretty hopeless. The entrenched interests in that were huge. Look around: we managed to get through it. The Cold War is over, the nuclear arsenals have been dramatically reduced—still enough to blow up the world a few times, but we're much better off now than we were. If we can change that, why can't we change this?"

For Zimmermann that means a public debate, like the one that the privacy activists won back in the 90s. "I used to debate NSA and FBI officials; I'd like to do that again. Strong crypto is pervasive now: in every web browser when you do ecommerce or online banking, the web browser has strong crypto. There's no rolling that back. That's why I'm not getting all worried about it."

But does the average member of the public care? Despite the Snowden revelations, has there been any real impact on public opinion? If so, it's difficult to perceive. The issue of privacy would mean little to an average citizen - say my dad - for example. Therefore, the wider the public debate, the better.

When bringing up my dad, Zimmermann's response is sharp and to the point: "You bring it up with him I assume? Then he might have quite a lot of opinions on it. Ask him what he thinks." His point: the danger is letting such issues pass undiscussed and unchallenged.

He might not be worried about the ongoing anti-encryption rhetoric, but he remains a vocal supporter of the right to use it. Zimmermann was one of a number of technologists who signed a letter to the US—along with tech giants like Apple, Google, Microsoft, and Facebook, and the American Civil Liberties Union—warning the White House to step back from attempts to bring encryption under government control.

"More than undermining every American's cybersecurity and the nation's economic security, introducing new vulnerabilities to weaken encrypted products in the US would also undermine human rights and information security around the globe," the letter said.

However, the very same governments, even the same agencies, that worry about the use of encryption by the public are themselves enthusiastic users of encryption products, including those from Silent Circle.

The irony is not lost on Zimmermann: "Everybody wants this protection for themselves, they don't want others to have it," he says.

"We had US Customs come into the office. It so happens that US Customs was the agency investigating me in the 90s. I sat in on the meeting and I said, 'How many people here actually worked at US Customs back in the 90s?' Nobody's hands went up—so none of the people in the room were aware that US Customs was the investigating agency in my case."

"They are in a golden age of surveillance now. They've got this big picture with a few missing pixels and they're complaining."
Phil Zimmermann

But what of the idea that only governments should be allowed to use encryption technologies? While Zimmermann was addressing a security conference in one hall of London's Olympia exhibition centre, in another hall at a completely different event, the UK's top anti-terrorism police chief made a speech complaining about how tech companies—he didn't say which ones—were making life harder for cops.

Zimmermann deploys an analogy to dismiss such arguments: "We're in the business of making body armour—there's a need for body armour, Navy Seals need body armour. What are we going to do? We can't just sell to them, there's not enough Navy Seals. If we sold only to them, the cost would just be crazy."

He points out that there are plenty of other technologies beyond cryptography that have been used by both consumers and the military.

"There's lots of technologies that are widely used: GPS receivers were developed by the military to guide missiles to their targets. It's only later that people started using them for other things. Crypto historically has been used more by the military than anybody, but now everybody uses it for ordinary things, just like they use GPS for ordinary things," Zimmermann said.

The question of pervasive surveillance

But while Zimmermann is relaxed about the prospect of refighting the crypto wars of the 1990s, he's far more worried by what he sees as a larger threat to privacy that is looming right now.

"The debate now is about the question of pervasive surveillance. We have to push back against the intercepting [of] everything that flows over the internet and fusing it with surveillance data that comes from other sources—cameras everywhere, face recognition algorithms behind the cameras—total information awareness," he warned.

Part of this is down to technology—as we carry more gadgets, snoopers will find it easier to track us and learn about us. But it's also to do with a change in emphasis for the intelligence agencies, from focusing on a few individuals to collecting as much data about everyone as they can.

Zimmermann argues that one of the key things that has come out of the Snowden leaks is how the NSA has changed its definition of the 'collection' of data, which allows it to collect and store vast amounts of data—as long as it doesn't look at it.

"The new definition of collection is that 'it doesn't really count if all I do is collect it and store it somewhere, but if I want to look at it in storage, then I go to a court.' Well, that's a pretty loosey-goosey definition of collection. That's collection that should count as collection," he said.

Zimmermann speaks with the air of someone who has had these debates many times before, but is still willing to go back into battle. What of the standard argument often deployed here: that if I have nothing to hide I have nothing to worry about?

His response is succinct. "If you really felt that you had nothing to hide, then I would never want to tell you any of my secrets as you're not going to protect them. If you're a doctor, I don't want to see you because you're not going to protect any of my patient records."

Also, to take such a narrow view is to miss the bigger point. For example, political opposition in China is impossible because the country has built a surveillance society, he argues. "Here we have a democracy in Britain, but sometimes in a democracy bad people can come into power and if you have a system that allows another election cycle, you can get rid of the bad people.

blackphone.jpg
The Blackphone 2 smartphone
Image: Silent Circle

"But if they inherit a surveillance infrastructure like what we are seeing, they can use the power of incumbency to remain in power. They can neutralise opposition with scandals or blackmail, or whatever can be exposed about their private life."

Even George Orwell's Big Brother had the decency to limit its surveillance to one all-seeing 'telescreen' per house. Now, thanks to smartphone selfie cameras and webcams on pretty much every device, we've all but built our own panopticon. All that is required is for the NSA or GCHQ to start gathering up the streams.

Technology can both protect the individual or create an environment where privacy is impossible, he warns.

"All dystopian societies are surveillance societies, so we have to get people to recognise that it's bad to give up everything," he said. "In any complex society, people do have secrets."

Even those people who see little to fear might ponder the scenario that Zimmermann sketches out of the future of pervasive surveillance.

"Imagine if the police installed surveillance cameras in your house, in every room of every house, in your bathroom, in your bedroom, and they collected all the video and put it on massive disc farms in the basement of the police station and they promise not to look at the files unless a court orders it."

He also has little time for the politicians and police who worry about losing track of criminals who use encryption.

"They are in a golden age of surveillance now. They've got this big picture with a few missing pixels and they're complaining. You go back twenty years, and they didn't have this big picture, they didn't have all these incredibly pervasive surveillance capabilities. So would they take that trade? I don't think so," he said.

"They have near total information awareness so they shouldn't be trying to take away our last few remaining black pixels on the big picture."

According to Zimmermann, we are witnessing the emergence of pervasive, retroactive surveillance, and the response is obvious. "We have to do something about this," he said.

Keep up with new threats to network security, get tips and best practices for hardening your systems, and learn about the latest developments in attacks and countermeasures. Subscribe to our Information Security newsletter.

About

Steve Ranger is the UK editor of TechRepublic, and has been writing about the impact of technology on people, business and culture for more than a decade. Before joining TechRepublic he was the editor of silicon.com.