Encryption is a way for people to keep their online data secure, whether that’s from the prying eyes of worldwide intelligence agencies, hackers with dollar signs in their eyes, or over curious friends. The growing demand that law enforcement agencies should have a way to bypass these protections is a worrying idea.
For many decades now, people have tried to find ways to make their data impossible to read by those who didn’t have the key. In the digital age, that has translated into encryption protocols that are harder and harder to break. These protocols help protect our emails, our online text message, and so on.
Encryption has been widely used by tech companies to secure the connection between their servers for a long time now, but end-to-end encryption delivered to users has only grown in popularity over the past few years, following the revelations made by whistleblower Edward Snowden regarding NSA’s sweeping surveillance tactics.
Messaging apps like Signal, Telegraph, and even WhatsApp have skyrocketed in popularity in the past couple of years, since they promise total protection against outside intrusion.
Furthermore, Google has been pushing towards an increased adoption of HTTPS, which is the protocol over which data is sent between your browser and the website you’re looking to visit. This is the improved and secure version of the regular HTTP and Google has started marking unsecured websites via Chrome, the most used web browser in the world, as it wants more and more websites to encrypt their users’ data and, therefore, aid in anonymizing your Internet experience. Of course, while someone watching will know you’ve visited a certain website, they won’t know what you did there specifically. Furthermore, HTTPS also makes it near impossible for attackers to steal your sensitive data like credit card details, login credentials and so on.
Just an excuse or a real issue?
It’s not only online services that promise encryption, but also devices, such as smartphones. The iPhone, for instance, encrypts your data by default, and so do most Android phones nowadays. Unless someone has your pin code, they can’t read the data on the device, which becomes jumbled and unreadable.
A few years ago, this iPhone feature was at the heart of a massive scandal after the FBI required Apple to provide them with a decryption key in order to crack open the phone of one of the San Bernardino shooters. When Apple said this is impossible because there is no master decryption tool for anyone to use, the FBI took them to court. Ultimately, the FBI found another way to crack the iPhone. To this day, the agency refuses to reveal how exactly it bypassed the iPhone’s encryption, although it was sued by media organizations to reveal it. The spy agency essentially said that it won’t expose its technique because it can still use it to crack open devices used by other criminals.
The heads of the US national intelligence agencies have long advocated in favor of law enforcement agencies being provided with some sort of backdoor into the encryption protocols used by tech companies. Most recently, British PM Theresa May has also said that something needs to be done because those very same apps that protect regular people’s privacy are also offering terrorists cover.
Great risks for regular users
This is a rather delicate problem. How much privacy are you willing to sacrifice for what may be a false-sense of security by giving the government a way to crack open your communications at will? How can we trust the government agencies to protect our privacy? Snowden’s files have revealed that it’s not just the NSA that will snoop in on innocent people, but other intelligence agencies too, from all corners of the world. It may be a gross generalization, but we can probably say that every intelligence agency on this planet has similar tools to what the NSA possesses, whether officially or not.
Let’s say that, somehow, someway, tech companies agree (read “are forced”) to provide these encryption backdoors. Who’s to say that law enforcement agencies won’t leak the keys? It’s not like they’ve never had inside leaks, whistleblowers, or have been hacked. Who’s to say they won’t abuse the power they have whenever they see fit?
Governmental agencies want us to believe that they can keep us safe if we give up some of our privacy, but, in the end, that can’t be farther from the truth.
Thankfully, at the very least, the European Union is reportedly discussing straight out banning such encryption backdoors across its member states, so that none of the member countries can abuse their power by commanding tech companies to open up to them.
It is a conflicting situation, one that has you torn between wanting terrorism to disappear, but also wanting safe and private communications because you did not do anything to warrant the government snooping in on your messages, emails and so on. In the end, the truth is that those messages send by terrorists that intelligence agencies and politicians want to get their hands on by any means won’t probably help much to stop any kind of attacks. They might, however, reveal who these individuals were talking to; on the other hand, this should have already been known by those very same spies that were supposed to keep an eye on them.