Much more troubling than the media’s failure to get basic terminology right is the fact that nowhere in the media have I seen anybody bring up the most immediately obvious difference between cyberbullying and real bullying, the difference which makes cyberbullying a non-issue: the ability to effortlessly block the bully with 100% efficiency. It might be very nearly or even completely impossible for a young child to avoid the schoolyard bully who catches the same bus as him, or who hangs out in central hallways or infront of the most popular piece of playground equipment – but it takes literally less than a minute to stop somebody from ever contacting you again via email or any of the major instant messaging or social networking sites. The process is quick, painless, free and foolproof.

I expect a lot of people would retort to this fact with the suggestion that we cannot reasonably expect young children to know how to perform such complicated tasks with their computers (a rather disingenuous claim, as most school aged children either are or quickly will become more proficient with using computers than the parents who would make the claim). This argument can pretty much be rejected outright. Here’s a screenshot of the conversation window of Windows Live Messenger (courtesy of www.msgweb.nl), which is by far the most commonly used instant messaging platform amongst Australian youth. The icons along the top, with the pictures of telephones and playing cards, are used to send other people files, initiate voice conversations, play games with them, etc. Children sure as hell know that they’re there and know how to use them: they control some of the main functionality of the program. The rightmost icon, of the green face behind a prohibitive red circle? It “blocks” the person you’re currently talking to. They can’t send you messages anymore. They can’t see whether or not you’re online. They cannot bully you. And it will stay that way until you decide to unblock them. It’s not a complicated series of menus of dialogs children have to navigate to achieve this, they have to use a single intuitive-looking button in a familiar part of the window. If they can’t figure it out, their parents certainly should be able to. If the children and their parents combined can’t work this out in one night, or if parents aren’t being involved at all at with what their young children are doing online, then there are much bigger problems afoot than cyberbullying.

Even if we grant both school children and their parents incredible levels of stupidity, a half hour classroom session and a pamphlet sent home with screenshots at the start of each school year would get people up to speed on this. It’s just not a big problem, at all. Yet, to quote the Australian article, “the Government has admitted it is yet to fully understand the problem — or the extent of it”. That’s quite a worrying indictment of our government’s understanding of some of the most basic and common things that happen on the internet. What’s going to happen when they try to tackle an internet related problem that’s actually…a problem?

I have never seen any media treatment of the issue even mention that blocking contact from people on the internet is possible, let alone trivial. Instead they spout ridiculous ideas about how the government can help solve this problem, about how there should be laws passed against cyberbullying and court cases should be held (this isn’t suggested in the referenced article above, but it certainly has been discussed in the media). What planet are these people on to think that these solutions are even possible, to say nothing of sensible? For the government to monitor all the various different forms of communication by which cyberbullying supposedly takes place (many of which are based on proprietary protocols subject to compatibility-breaking changes without noice) in anything close to real time is technically infeasible without spending a truly vast amount of time and money, entirely out of proportion to the severity of the problem, and would also constitute giving the government a disturbing amount of control over the private communication of citizens, which is something fraught with problems both ideological and, as I discussed recently, practical.

Without such incredibly expensive and invasive monitoring, any sort of court cases over the issue are out of the question on the simple grounds that nobody can prove beyond reasonable doubt that anybody said anything to anyone. Are we going to take little Johnny’s word and an easily doctored screenshot or print out as sufficient evidence to find little Timmy guilty of something? And even if we are, what punishment are we going to impose? Is little Timmy to be banned from Windows Live Messenger for some period of time? How would this be enforced? Timmy’s parents’ ISP could block connections from their computer to known Live Messenger servers (in principle, that is, once again for them to actually start doing this in practice would cost time and money to put the procedures in place), but that would indiscriminantly block everyone in Timmy’s household from using the service, including his well-behaved and angelic sister who has never flamed anybody in her life. It would also do nothing to stop Timmy from using emails or Facebook or any other online medium to continue doing exactly what he was doing before. The entire concept of any sort of government control of the problem is plainly riddled with problems and shortcommings and should not be taken seriously by anyone.

In summary: cyberbullying is something it is realistically impossible for the government to fix and absolutely trivial for individual parents, or even their children by themseles, to fix. All it would take is a minimal amount of education about something they really should have figured out for themselves by now. The supposed severity of the problem as it has been portrayed in the media is a gross exaggeration born staggering technial ignorance, and perhaps also cynical acceptance of the fact that sensationalist news about supposedly serious problems sells well. I only hope someone in the media or government actually realises this eventually, and I look forward to the day I never have to hear the term cyberbullying again.

While the UK government may conceivably be able to eventually muster the sheer amount of hardware required for intercepting and storing such a vast quantity of emails, it is entirely infeasible that they are ever going to have the ability to read any encrypted emails that they may have harvest. Furthermore, competent terrorists know this. Competent terrorists know they can use PGP or GnuPG to encrypt their emails and rest assured that the UK government simply cannot read them, short of physically apprehending the terrorists and torturing passphrases out of them. The very fact that as soon as a major terrorist incident happens the relevant government starts making loud noises about the threat encryption poses makes absolutely sure that terrorists know they can do this. So they will do it, and this scheme will fail at its intended task, wasting a horrendous amount of taxpayer’s money and putting undue strain on the country’s internet infrastructure. It’s a horrible idea.

But it gets worse.

All the innocent non-terrorists in Britain will, with a few rare exceptions, continue not to encrypt their emails, so these will be collected and stored by the government. This is a cause for tremendous concern because the UK government has recently made it embarassingly clear to the world that when it comes to the secure storage of sensitive data, they are nothing short of incompetent. Just look at these incidents – each of them from 2007. To be fair to the UK government, they’re not alone in this regard, and Google will help you find just as many or more breaches of a similar scale by the US government.

Naturally the loss and theft of hard drives and disks is bound to happen from time to time, but the possible impact of these breaches can be reduced to zero by using readily and cheaply available encryption technology. In none of the cases cited above was this data encrypted like it should have been, suggesting that data security is either not taken seriously by the UK government or it is handled by people not qualified to be handling it. When unencrypted disks full of everyday citizen’s personal emails are lost or stolen or bribed away from the government’s hands – and based on all the evidence we have so far, this is more likely than this email surveillane scheme actually thwarting a terrorist plot – end up anonymously posted to the internet, the consequences will be severe.

Details about people’s personal finances, love lives, political and religious beliefs will be exposed for all to see. Commerically sensitive material of every imaginable kind will be available to every company’s most feared competitor. Identity theft, industrial espionage, harassment and stalking are all likely consequences. The risk is simply far too great, and entirely disproportionate to any reasonably expectable benefits.

This rant says nothing about the basic principles of freedom and privacy that this issue obviously treads on (for a well-written and concise rebuttal to the standard issue “If you’ve done nothing wrong then you’ve got nothing to hide” justifications that are inevitably thrown around on this matter, see Bruce Schneier’s excellent “The Eternal Value of Privacy“), which are also well worth consideration. In an attempt to make the rejection of massive government surveillance programs appeal to a wider audience, in this post I’ve gone with a slight twist on an old saying and not resorted to considering malice where it is adequate to consider incompetence.

Although not relevant here, it bears mentioning in closing that the ideas of government incompetence at secure data storage discussed here should be the first thing that pops into your head when a government suggests (and, depressingly, this really does happen) that they should keep a record of everyone’s fingerprints, eye scans, DNA or any other biometric credential. When those details are lost or stolen (and how confident can you be that they never will be?), you can’t have them replaced like you can your credit card and passport. They’ll be on the internet for good.