be subject to surveillance on a massive scale and that the contents of many private conversations may be stored for potential use in protecting national security, fighting terrorism, etc. In addition to surveillance by the state, telecommunications may be vulnerable to various kinds of criminal interception for financial, political, or personal motives, including by individuals who are known to the person who is being targeted.
Encryption
The probability of a loss of privacy may often be small, but virtually all internet communications can be intercepted and material can be stolen or altered. Privacy in telecommunications can be greatly protected by careful use of “end-to-end encryption” (E2EE), which ensures that the content of communication is encrypted everywhere in the internet apart from the end-points, where it has to be intelligible. Platforms that use E2EE ensure that any communications intercepted in the internet will not be intelligible to any third party, although no encryption method is absolutely secure.
Endpoint security
One problem that is often overlooked is “end-point security”, the need to ensure that communications are not being intercepted before they are encrypted, or after they are decrypted. This means protecting the devices that are used (computers, tablets, smartphones, etc.), the environments in which the devices are used, and ideally ensuring that no one else uses these devices. If a telephone or computer used by either a psychoanalyst or a patient has been compromised, unencrypted data may be being copied to a third party by malware that has been installed without the user’s knowledge. There are software programs that can be covertly installed on a device and easily record the keystrokes made on it, or audio or video captured by its microphone or camera, thus breaching “end-point security”. Thus, even if “end-to-end encryption” across the network is good enough, the security of the communication system as a whole can be vitiated by inadequate endpoint security at either end. A chain is only as strong as its weakest link. While patients are generally not at liberty to have a separate device that they use for their treatment which ensures that others do not compromise them, analysts do have the power to use computers and phones that are not available to interception.
Loss of privacy in the classical setting
Much of the above discussion implicitly assumes that the classical setting today is continuing to offer relative privacy in comparison with telematic settings, but the extent and severity of the risk of eavesdropping even in the contemporary classical setting is uncertain. When analyst and analysand are physically co-present in the consulting room or office, and if one or both parties has a phone or other device in the room or nearby, there is still a degree of risk. If a phone has been compromised by malware, for example because its owner has unknowingly responded to a “phishing” message, it may be being remotely accessed without the owner's knowledge. Additionally, analysts should be alert to how easily cell phones can be set to record conversations, intentionally or inadvertently. In this regard one suggestion would be to request that patients leave all phones, watches, and computers outside the consulting room. The existence of a risk rate even for the classical setting makes the difference between it and the online setting not an all-or-nothing matter, but a matter of degrees.
IMPLICATIONS FOR THE IPA AND ITS MEMBERS
Made with FlippingBook - professional solution for displaying marketing and sales documents online