United States Attorney General William Barr’s take on encryption might be coming from a benevolent place, but that doesn’t necessarily mean that he knows what he’s talking about. Barr has been reaching out to popular social media networks like Facebook, requesting full elimination of end-to-end encryption.
Facebook has been working on end-to-end encryption services to protect its user’s messages, a much needed service given the amount of information and data Facebook collects from unwitting users who deserve their privacy.
Barr, in conjunction with the current acting Secretary of Homeland Security Kevin McAleenan, represent the United States in the request to pause the encryption plan. Several representatives from other countries, such as Australian Home Affairs Minister Peter Dutton and the United Kingdom’s Secretary of State Priti Patel, have joined Barr’s effort.
Barr claims his intentions are to stop the distribution of child pornography. Undoubtedly, this is a worthy initiative. Any sane person would want the same thing. Barr claims that encryption that is “warrant proof” will only protect these criminals. The biggest thing to consider here is that Barr is barking up the wrong tree.
Banning or Prohibiting Encryption Wouldn’t Do Much
Crimes are discussed and horrible images are circulated every day. This happens without encryption on Facebook messaging services. Facebook has always been compliant with law enforcement requests, and they monitor, flag, and report all suspicious images to the National Center for Missing and Exploited Children. They account for the overwhelming majority of cases the NCMEC handles. In fact, 90% of their total caseload in 2018 came from Facebook.
The moral of the story is that these images are being freely shared without encryption as things stand. They’re often passed around the open internet in plain sight. Prohibiting encryption of messages is unlikely to stop a problem that already exists – offenders and child groomers have yet to care that Facebook can see everything they’re doing.
In fact, they’ve been able to encrypt their messages this entire time. They’ve chosen not to. Facebook has always allowed encrypted messages via its Messenger app – it’s as easy as selecting the option that says “Secret Conversation.” Yet, the overwhelming majority of criminals communicating via Facebook have failed to tap that tiny button.
Facebook is utilized by dumb criminals. Smart criminals would never choose a popular social media network for a crime. There are countless other end-to-end encrypted messaging services and open source encryption libraries that already exist and cannot be undone.
There Is No Magic Wand That Unencrypts Information – And It’s Bad When There Is
So what about those other platforms? Well, the thing about banning encryption is that it’s only an enforceable ban if you know who is responsible for it. Someone on an encrypted website hosted on a remote server utilizing a stealth VPN could live an entirely encrypted life without anyone ever knowing about it. There is no magic key that will break any encryption, because that’s how math works. It’s meant to withstand any attempts to be solvable, and it does a really great job.
The only exception is “backdoored” encryption, something former FBI Director James Comey attempted to push for during his time with the bureau. The problem with leaving a backdoor in anything is that anyone who knows how to pick a lock can get in. If there’s a vulnerability, a competent attacker will find it. If that vulnerability is the same for all encryption, nothing is safe anymore.
People might feel more inclined to share highly private information in an encrypted message. For example, a husband might need his wife’s credit card information to pay a bill while she’s away on a business trip. She sends him this information in an encrypted message, a move that would have been much safer if there hadn’t been a “backdoor.” A hacker who knows exactly how to access this backdoor now has this woman’s personal information and credit card number.
This defeats the entire purpose of encryption. If there is a deliberate, planned vulnerability, the encrypted content is no longer safe.
But what about the criminals? Well, they’re already breaking the law and discussing it with other criminals. Do you really think they’ll strictly adhere to government compliant encryption? If they have no problem breaking the law, it’s unlikely that utilizing a different kind of encryption would remain too far outside of their moral compass. At the end of the day, it becomes the same as the argument for banning guns – bad people will find a way to get them anyway.
Do We Really Want the Government to Have Access to Everything?
Let’s turn back the clocks to the Patriot Act and the panic over the NSA. The US started spying on its citizens and collecting information. Most people feel freaked out when they see a targeted ad on Facebook – they feel vulnerable. Now consider the idea that the government is demanding access to every conversation everyone has at all times.
Is that something that the American people should feel comfortable with? Is that move in line with the constitution? It’s troubling to consider.
It will always be important that child predators be made to face the full force of the law. They are a scourge on society and we have a duty to protect our children from malicious people who intend to harm or exploit them. That will never be up for debate. But is it worth sacrificing the privacy of the overwhelming majority of people who would never do that, only to tenuously, minimally increase the chances that it might help catch a few more of the dumber criminals?
The end result will be that the smarter criminals will move to other open platforms, where many of them already are. They will continue to use the same approach they’ve been using on those platforms, because that approach works for them. Good people will be left with no privacy, and the internet won’t be secure. Who wins here?
Privacy and Free Speech are the Most American Things
If you’ve not been following the news, China (including Hong Kong) and Russia are making it even harder for people to have secure access to the internet. The government watches every move. Our ability to safely browse the internet and send encrypted emails isn’t specifically to assist us with crimes – it’s to keep us safe. Not just from the government, but from data thieves and malicious entities who can steal our personal information for their own gain. Attempting to rescind fill encryption only jeopardizes everyone by leaving us vulnerable, and to add insult to injury, giving the government permission to spy on us.
Utilize an encrypted mail service. Share personal files in encrypted format. Encrypt your internet browsing with a VPN and protect your house WiFi with a VPN router. This is your right to privacy.