I have decided to make this website available only over Transport Layer Security (TLS) – formerly known as Secure Sockets Layer (SSL).
Throughout the second half of this year there have been continuous revelations from Edward Snowden about the invasive universal targeting of internet traffic by the British and United States governments.
GCHQ are tapping hundreds of undersea cables under a programme codenamed TEMPORA, buffering vast quantities of trans-UK Internet traffic for three days and keeping the metadata relating to that traffic for 30 days. This is mass surveillance conducted with neither public debate nor effective oversight. It is clearly a breach of the Human Rights Act, if not technically, then in spirit.
The content of this site is available publicly, and accessing it might not be high on the list of things that would incur the wrath of the surveillance state, however encrypting it still has value. In “Why I wrote PGP“, Phil Zimmermann said:
What if everyone believed that law-abiding citizens should use postcards for their mail? If a nonconformist tried to assert his privacy by using an envelope for his mail, it would draw suspicion. Perhaps the authorities would open his mail to see what he’s hiding. Fortunately, we don’t live in that kind of world, because everyone protects most of their mail with envelopes. So no one draws suspicion by asserting their privacy with an envelope. There’s safety in numbers. Analogously, it would be nice if everyone routinely used encryption for all their email, innocent or not, so that no one drew suspicion by asserting their email privacy with encryption. Think of it as a form of solidarity.
By encrypting access to this site I’m taking one insignificant action towards addressing the problem of invasive universal targeting. If you run a website I encourage you to do likewise – a post explaining how I’ve implemented TLS here is coming soon. Meanwhile please let me know if you spot anything broken or behaving oddly around here, including mixed-content or certificate warnings from browsers.
If we all used encryption routinely GCHQ and the NSA would have to be selective about who they target – which is what they should be doing anyway!