Categories
Latest
Popular

Privacy or Public Security: The Debate on Encryption

Image Source: Pixabay

Image Source: Pixabay

Sometimes things that benefit us can be used against us: weapons that are made to protect us are used to harm us, sharp-edged tools that make our lives easier are pointed against us instead. But it isn’t the tool’s or the weapon’s fault, it’s the person using it.

There are times, though, that some people weigh its disadvantages more than the advantages. As a result, usage of said items is banned for the public. But what if the need for this time is so huge that even when the disadvantages seem very great the restriction or control of said thing can have a great impact on several industries?

This is the case with encryption, which is a process that encodes the data sent from computers so that only the intended recipient would be able to see the data’s contents. When it comes to cybersecurity and the protection of our privacy, as well as our important data, encryption is the frontline defense against those who would want to steal those data. And in this era, where a lot of private matters are settled online, such as banking, a lot of industries that depend on the Internet for something wouldn’t exist without the security presented by encryption.

Hidden Matters

Image Source: Heavyeditorial

An image accompanying Wikileaks’ hype tweets about Vault 7 (Image Source: Heavyeditorial)

Nowadays, encryption is important and is present everywhere that involves the transmission of data. This means everyone’s data is protected by encryption. But that also means that this protection can be used by dangerous elements as well. Criminals are people after all. They have every reason to want their private data secured, especially criminals that remain at large and are currently active. And these are not just your everyday average petty criminals, they could also be money-launderers, weapon smugglers, drug dealers, hackers, pedophiles, and ISIS combatants and propagandists that use the Internet to spread their ideology and entice people to join their cause.

This is a big issue for the law enforcement institutions: while protected by encryption, they won’t be able to detect the movements of these criminals and are essentially blind, limiting the possibilities of being able to stop their activities. For example, a deal between two drug syndicates fell through via a chat app that has good encryption. They decide when and where and the cops will never know, possibly only until the trade actually happened. Or messages between terrorists planning an attack. The good encryption between their iPhones means that no one can intercept the messages and they’re free to plan it and, eventually, pull it off. And the cops will never know when they’ll strike or where. This is frustrating for those whose task is to protect their citizens and their country. Director Christoper Wray of the United States of America’s Federal Bureau of Investigation even points out that encryption is causing them problems.

“To put it mildly, this is a huge, huge problem,” he said in a press conference. “It impacts investigations across the board—narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation.”

The Secret War

And this is part of the reason why intelligence agencies around the world, like the CIA, hire teams of hackers to break into people’s phones. Wikileaks’ Vault 7 leaks show just how much they acquired over the years. They use methods to hack and bug every electronic device so they can detect the presence of dangerous elements.

But if the CIA or other agencies with hackers can do it, then so can other dangerous elements. And whenever some big break like this happens, like the recent case of Equifax breach, people would call for stronger security measures, which would mean stronger, newer means of encryption.

And the process cycles on and on. It’s a battle between the developers and tech companies who want to provide better security, versus hackers from all the other sides trying to break the encryption and steal the data. It’s a secret war that’s being waged every day between individuals, companies, and countries.

Should we Let Law Enforcement Have The Keys?

Image Source: Telegraph.co.uk

Trump’s administration calls for “responsible encryption” (Image Source: Telegraph.co.uk)

That depends on the person asked. The capability of a state to protect its citizens is also affected by how the state treats it’s citizen’s privacy and this is very true when it comes to encryption. There are plenty of reasons to be against it though:

  1. The private data they might be able to gather can be used against you. Imagine you have, say, some kinky sexual fetish that you want to be kept secret. You’re also from the “x” political party that criticizes the other party’s shortcomings. The current reigning political party is “y”. They might use the data against you as blackmail so you’d switch sides or be kept silent.
  2. Even if law enforcement has the keys, it doesn’t deter other parties from trying to find a way to break your encryption and steal your data anyway. There is no perfect system. Everything has a weakness and eventually that weakness will be discovered and exploited, as demonstrated by the Vault 7 leaks.
  3. Even if the law enforcers managed to break the encryption, it doesn’t mean that the other parties would be able to break it as well, if the encryption is strong enough.

Should we Let Law Enforcers Hack?

Yes. Very much. They still need to find a way to protect the citizens and being able to gather people’s data is the shortest route to that goal. They can weed out the bad guys faster that way before they can even do damage. By letting them gather hacking tools and methods they can get those much-needed data faster.

So Why Not Just Give Them The Keys?

Because we should maintain a position where we can always demand respect for our privacy. It makes them accountable for the data they have gathered so that it won’t be misused. This means that they can’t just do whatever they want with our data. They can’t blackmail us or use the data to steal from us because everyone else will criticize them for it.

Conclusion

Encryption is too important to regulate, but too dangerous when it gets too strong. There’s only one way for law enforcement to solve this paradox and that’s to play the devil’s advocate: they need to break encryption themselves and be part of the ones breaking the law. To keep the importance of our privacy we must make those who handle them accountable. There needs to be a middle way between law enforcement and respect for privacy.

Christopher Wray even admits this. “I get it,” he said. “There’s a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe.”