That seems to be what many U.S. lawmakers and law enforcement officials think is the answer to tracking down terrorists, both before and after nefarious misdeeds. Such access would make the government’s job of protecting citizens, and that of law enforcement efforts to make us safe from terrorists. Such thinking is wrong. Encryption should not have a backdoor, and certainly not an easy way for the government to break into a citizens personal and private information.
Why? What’s wrong with a backdoor key to gain access to encrypted data?
Think about the purpose, then think about various scenarios where such access could be used. Once a key to encryption is provided to authorities, then everyone who uses that particular encryption variant is subject to attack. First, attackers, hackers, and foreign governments will do everything possible to find and use the encryption key which unlocks the backdoor to everyone’s encrypted data.
One key for criminals and terrorists also means one key for everyone else.
Fortunately, Apple has provided customers with software than can encrypt communication and files which makes them impossible to unlock without the front door key or password, and you’re in control of that. Also fortunately, the U.S. government has more than a few people who recognize the problem and understand that some proposed solutions will not work for masses of citizens.
Encryption is inexorably tied to our national interests. It is a safeguard for our personal secrets and economic prosperity. It helps to prevent crime and protect national security. The widespread use of encryption technologies also complicates the missions of the law enforcement and intelligence communities… those complications cannot be ignored. This is the reality of modern society. We must strive to find common ground in our collective responsibility: to prevent crime, protect national security, and provide the best possible conditions for peace and prosperity.
Fair enough, but the debate has been entirely binary to date. It’s either or, this or that.
That is why this can no longer be an isolated or binary debate. There is no ‘us versus them,’ or ‘pro-encryption versus law enforcement.’ This conversation implicates everyone and everything that depends on connected technologies—including our law enforcement and intelligence communities. This is a complex challenge that will take time, patience, and cooperation to resolve. The potential consequences of inaction—or overreaction—are too important to allow historical or ideological perspectives to stand in the way of progress.
Quantum computing aside, any move to ban encryption or to require backdoor access to encrypted data is doomed to fail for a variety of rather obvious reasons.
Encryption technology is a global technology that is widely and increasingly available around the world.
That means criminals, hackers, and unfriendly foreign entities may be able to gain access to your information, but because encryption can be rolled and created by those same entities, including terrorists, law enforcement agencies will still have the same problems gaining access, yet the citizens they are sworn to protect will have less protection.
The variety of stakeholders, technologies, and other factors create different and divergent challenges with respect to encryption and the “going dark” phenomenon, and therefore there is no one-size-fits-all solution to the encryption challenge.
Not even banning any form of encryption will solve the problem of access, but that does not provide an answer that covers both sides of the fence.
Encryption Working Group again:
Encryption technology is free, widely available, and often open source.5 Law enforcement stakeholders acknowledged to the EWG that a Congressional mandate with respect to encryption—requiring companies to maintain exceptional access to data for law enforcement agencies, for example—would apply only to companies within the United States. The consequences for such a policy may be profound, but they are not likely to prevent bad actors from using encryption.
Apple, and few other technology gadget makers, seems to have taken the side of personal privacy and security, while other tech companies– Google, Intel, Microsoft come to mind– seem to be more pliable and flexible with regard to customer data.
Thank you, Apple. But this issue is not over and thanks to rapid changes in governments and policies, not likely to have a good conclusion.