WIRE-TAPPING

In an age of the rapid development of information technology the question of ensuring the security of private information is becoming ever more topical. The former employee of the US National Security Agency, Edward Snowden, exposed the truly colossal scale of "tapping" worldwide, and this was not just of private citizens but even high-ranking officials, including heads of state.

The sensational story of the tapping by the US special services of the mobile telephone not only of the German Chancellor Angela Merkel, but also the heads of other countries has become so serious that the German leader made it the focal subject of the European Union summit in Brussels.

Before the summit Chancellor Merkel and the French President Francois Hollande met separately and came out with an initiative to enter into bilateral talks with the USA to find an explanation of and a solution to the problem of tapping telephone conversations.

The NSA has tapped the telephone conversations of 35 heads of state, writes The Guardian newspaper, referring to a document passed on by the former CIA operative Edward Snowden. Besides this, the NSA intercepts up to 500 million telephone and Internet messages of ordinary citizens every month, and in France this figure is as high as 70 million.

How possible is it to protect one's own private information? Can everything we put on line be used by hackers? How can ordinary citizens in general protect their space from outside interference if even heads of state are being closely watched? Mikhail Yemelyannikov, a well-known Russian expert on information security, shared his thoughts on these questions with R+. 

- Are digital technology and communications really so vulnerable that even the heads of European states have found themselves "under surveillance" by the US National Security Agency?

- The problem is not that the private information of individuals, state bodies and companies is finding its way into the hands of a large number of other people, but that they are sharing this information with others. Another problem is that the introduction of existing highly reliable protection systems requires a very profound knowledge of computer technology. One has to correctly install an anti-virus, set up encipher equipment, correctly carry out a key exchange, and so on. None of this complies with the nature of the use of the Internet that now exists. For example, you can't set up an encryptor on the Facebook social network, but a person puts on Facebook more information about himself than he would in any other case.

- It wasn't so long ago that in detective films and novels spies broke open safes and photographed documents to get at secret information. Doesn't modern digital technology open up broad possibilities for espionage?

- As far as listening in on the German and Brazilian leaders is concerned, undoubtedly any technical possibilities that exist will be used to eavesdrop on heads of state. The fact that the leaders of these countries ought not to conduct talks on topical questions through an open telephone line is another matter. 3G and 4G mobile communications channels should not really be regarded as encrypted. The special services can easily tap them. For government telephone conversations there are information protection systems developed by reliable manufacturers which cannot be tapped by foreign intelligence services. Be that as it may we cannot automatically rely on the secret of communication because technology means that absolutely any traffic can be monitored.

- Are there any means of information protection that could ensure absolute protection? Or will the hacker's "key" find a way of opening any electronic "lock"?

- In theory indecipherable codes do exist but ordinary users will scarcely be able to apply them because the sphere of application of these coding systems is very restricted. In the 1990s the leading cryptographer Philip Zimmermann devised the legendary protection system which really upset the American special services. It was called Pretty Good Privacy. Unfortunately, it was complicated to use because the ordinary user was not always able to install it.

- Does the US have an advantage in the struggle for control of information since that's where the main producers and regulators of computer technology are?

- Yes, they do have an advantage. First of all, the Americans put huge sums of money into tightening control over digital communications systems. There are 10 special services dealing with this. On the other hand, the high-tech companies which provide Google, Microsoft, Internet services and so on come under US jurisdiction and the American state bodies are able to influence them. As Bruce Schneier, the well-known expert on information security and American cryptographer, admitted: "Starting with gentle measures of influence up to so-called amendments to the law on security, the American special services are forcing communications companies to cooperate with them."

- According to some rumours, all activities on the Internet can be monitored. All enquiries to search engines, remote documents and images end up in a special container on the other side of the ocean. For example, a paper letter can be torn up and thrown away, but where do you put remote e-mails and messages?

- You're quite right. Everything you put out on the Internet for public display will be stored there for ever and could be used against you. Confirmation of this was a communication that one student sent to Facebook asking it to forward him the data about him on the social network. He was given a vast amount of information, and a lot of it was marked "withdrawn". He believed that they had removed these documents, but the company had stored them and, evidently, will store them indefinitely. This happens everywhere. If you have removed some piece of information from a site but it might have been indexed by Google-type search engines and so on, then you will always be able to find this information on the Internet. Even though you believe that physically it doesn't exist. That is why people and companies themselves should restrict the amount of information they put out on the Internet. Such a concept of privacy to which we have become accustomed, including the whole of the 20th century, no longer exists.

- There have been reports in the press that the US special services have been listening in to the conversations of millions of GSM mobile communications users in France, Germany and a number of other countries. Is such total espionage technically possible?

- There is a special programme for monitoring conversations on mobile networks. Every year the US invests about 250m dollars on creating decoding devices which decipher 3G and 4G mobile conversations. Incidentally, the fact that the American special services have been able to acquire a vast amount of information about European leaders, in particular German and French, could not have been done without the help of local special services. The American system of broad monitoring of the Internet and PRISM electronic communications, which Edward Snowden was talking about, has been used for tapping telephone conversations. This system enables telephones to be tapped all over the world.

- This system is fine when it is used for fighting international terrorism. But how do you protect private political or economic information?

- First of all, you severely proportion the information you want to post on the Internet, especially that which is to be sent through public services by e-mail. Second, you make broad use of personal computer protection systems, not just in banks and companies but also to ordinary users. Third, you need to make sure, through the civil society, that the Internet companies and the state have observed the constitutional rights of privacy. All these three ways will be very difficult.

- Some states, for example Iran, are withdrawing from the world cyber-space and creating a restricted internal Internet.

- Such measures are also being adopted in North Korea, China and other countries. This is a clear-cut violation of a person's right to access to information. Moreover, Europe is now moving towards constitutionally consolidating the right of personal access to the Internet. In other words, it is on a par with such fundamental rights as the right to a private life, privacy of correspondence, and so on. No state has the right to restrict a person's access to information. He has the right to decide what he has or has not access to.

- Will paper correspondence eventually be consigned to the past and will electronic mail replace it everywhere?

 - 75 per cent of the world's output is already stored in information systems. And this trend towards paperless, digital communications will only increase.