The genie is out of the bottle – it's foolish to think encryption can now be banned

January 5, 2016 by Adam Fish, The Conversation
Credit: Perspecsys Photos, CC BY-SA

Politicians have turned their sights on encryption once more following terrorist outrages in Paris and San Bernardino, California.

A country that once welcomed encryption, France is now considering outlawing it in the wake of the massacre in its capital. In the US, politicians and law enforcement have made similar demands, as has the British prime minister, David Cameron.

Encryption creates trust. It is the underpinning of the internet, ensuring the privacy of mail, commerce, and transactions of all kinds. End-to-end encryption, where data such as texts, emails, or other messages are encrypted in transit and in storage, and where no third party other than those communicating have the keys to decrypt it, has come under particular criticism.

Certainly it is difficult if not impossible to crack, and poses a serious problem for investigators. But the Paris attacks were not aided by encryption – the attacker's unencrypted mobile phone, which was found in a bin, led police to their safe house. Abdelhamid Abaaoud, the Belgian-Moroccan ringleader, communicated without encryption.

When in San Bernardino police claimed to have found that the terrorists used "levels of built-in encryption", Christopher Soghoian, principal technologist at the American Civil Liberties Union, dismissed this as nothing more than the standard encryption built into the 2G/3G/4G communications protocols that carry data between the phone handset and network transmitter masts. In other words, an unremarkable part of how mobile phones work.

Wanting to keep out prying eyes is only natural. Credit: yusamoilov, CC BY

It is clear that the Islamic State is aware of and uses encrypted communications, however. The US Army claims IS uses up to 120 different online platforms for communication, including messaging services such as WhatsApp or the encrypted Telegram service to organise, socialise, recruit, and for use as a press outlet. Telegram was used by IS to claim responsibility for the Paris attacks and the bombing of a Russian airliner over Egypt.

No safety in backdoors

So with this in mind, Western leaders want powers to decrypt communications. Particular ire has been directed at tech companies such as Apple, Google and Facebook which, by providing encryption in their popular products, have made investigators' work harder. FBI director Jim Comey urged them to prevent terrorist communications from "going dark". Even just using encryption makes you a suspect in the eyes of the law.

Governments want "backdoors" written into to provide privileged access to and secret services. But tech companies are generally moving in the opposite direction, with Apple CEO Tim Cook calling backdoors "incredibly dangerous". Other smaller companies like Signal, Silent Circle, Wickr, Protonmail and Mega also offer encrypted communication platforms.

The principles of privacy

On the other hand, Germany promotes the use of encryption by its citizens. However, the EU has no overarching policy on encryption. While the forthcoming General Data Protection Regulation specifies that data must be encrypted when in storage, it doesn't address end-to-end encryption and data in transit.

The UN, in both principle and practice, rejects efforts to criminalise or restrict encryption. Article 12 of the UN Universal Declaration of Human Rights argues that "no citizen should be subjected to arbitrary interference of their privacy, family, home or correspondence." UN special rapporteur on freedom of expression David Kaye has argued:

States should avoid all measures that weaken the security individuals may enjoy online, such as through backdoors, weak encryption standards and key escrows [where encryption keys are held by third parties to be handed over to police on demand].

If civil society groups had their way encryption would be protected. Rainey Reitman of the Electronic Frontier Foundation has argued that weakening encryption makes us all less secure, and that any backdoor can and will be exploited by malicious hackers or foreign powers.

The powers they need already exist

Are laws banning strong encryption even necessary when the NSA, GCHQ or police can just hack our communications? Developers of Tor, software used for anonymous online communication, claim the FBI paid Carnegie Mellon University researchers to hack Tor, something both parties have denied. Controversial Italian security firm Hacking Team were found to have monitored Tor for the FBI, and Edward Snowden's leaked files revealed NSA efforts to monitor millions of computers by infecting them with malware.

Considering how widely used and important encryption is, and how little it is employed by terrorists, it's arguable that government hacking is preferable to enforcing backdoors that make us all less safe.

In truth, encryption is so pervasive and so easy to build into new software that it's practically impossible to ban. Phil Zimmermann, who invented free encryption software PGP, said any proposal to ban encryption was "absurd":

End-to-end encryption is everywhere now. If you have strong encryption between your web browser and your bank, you can't have a man in the middle from the government wiretapping that.

Melvin Kranzberg, a professor in the history of technology at Georgia Tech, famously said: "Technology is neither good nor bad; nor is it neutral." Proponents of banning encryption fail to recognise how encryption helps journalists, whistleblowers, and those who face oppression under authoritarian regimes, while civil rights activists must recognise that could be a powerful tool for those who would do society harm (government or otherwise). But while expectations of privacy fluctuate around the world and over the years, the value of privacy is constant.

We will make no progress by blaming the technology – whatever technology of the day that may be – instead of addressing the root causes of the antagonism that drives people to use it.

Explore further: Making sense of the encryption debate

Related Stories

Making sense of the encryption debate

December 22, 2015

Last week, candidates in both the Republican and Democratic presidential debates offered some interesting views about the Internet. Whether it was Donald Trump suggesting that parts of the Internet be closed, saying "I would ...

FBI director warns against cellphone encryption

October 16, 2014

(AP)—The FBI director is warning against smartphone encryption. James Comey is talking about tech companies like Apple and Google that say their new operating systems will be encrypted, or protected by coding. Comey says ...

Tech firms, activists press US on encryption

May 19, 2015

Some 140 tech companies, civil liberties and privacy activists urged the White House Tuesday to pull back efforts to weaken encryption or include law enforcement "backdoors" on technology products.

Data encryption in sharp focus after deadly attacks

December 12, 2015

With renewed focus on how encrypted messages can be used to plot terrorist attacks, President Barack Obama's administration is stepping up pressure on the tech sector to help in the battle.

Recommended for you

A not-quite-random walk demystifies the algorithm

December 15, 2017

The algorithm is having a cultural moment. Originally a math and computer science term, algorithms are now used to account for everything from military drone strikes and financial market forecasts to Google search results.

US faces moment of truth on 'net neutrality'

December 14, 2017

The acrimonious battle over "net neutrality" in America comes to a head Thursday with a US agency set to vote to roll back rules enacted two years earlier aimed at preventing a "two-speed" internet.

FCC votes along party lines to end 'net neutrality' (Update)

December 14, 2017

The Federal Communications Commission repealed the Obama-era "net neutrality" rules Thursday, giving internet service providers like Verizon, Comcast and AT&T a free hand to slow or block websites and apps as they see fit ...

The wet road to fast and stable batteries

December 14, 2017

An international team of scientists—including several researchers from the U.S. Department of Energy's (DOE) Argonne National Laboratory—has discovered an anode battery material with superfast charging and stable operation ...


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.