In the wake of the horrific terrorist attacks that occurred in Paris last weekend, the question hanging in the air is whether or not there is anything that can be done to prevent such tragedies. Foreign policy and attitudes towards refugees have taken center stage, eclipsing what could become a very serious issue: encryption.
Ever since the Snowden revelations, it seems that regulators are desperately grasping for justifications for snooping into data, even as companies have sought to demonstrate their commitment to providing security for consumers. I wrote an article last month which tackled Apple’s policy on encrypting data. The recent attacks look like fertile ground in which to sow the seeds of such a justification. But even the truly awful nature of the terrorism occurring overseas does not convince me to relax my stance on what I see as one of the most important policy issues of our day.
Policy makers have sought to blame the effectiveness of the terrorist attacks on the use of encrypted communication, causing Russia to push for a ban on encrypted services like Telegram. In the U.S., Silicon Valley is beset by politicians from all sides. Pavel Durov of Telegram skillfully set forth his opposition with an incisive and sarcastic quip for the Moscow Times ‘I propose banning words. There’s evidence [to suggest] that they’re being used by terrorists to communicate.’
I would hope that government officials’ arguments in support of creating backdoors are due to ignorance. The worst thing that could come of tragedies like the Paris attacks would be that they be used manipulatively. In the words of Chris Riley of Mozilla to International Business Times, ‘creating policy from a reactive posture is inherently problematic.’ I couldn’t agree more. The same IBT article mentions a letter signed by several leaders in the tech industry, including Mozilla, asking Obama to reject any proposals requiring backdoors to encrypted data. Such a proposal could set dangerous precedents, not only in the U.S., but worldwide. This includes countries with governments that have a history of gross violations of the trust and rights of their citizens. Once a backdoor exists, there is no way of controlling how or when it is used or by whom.
The idea that Durov so insightfully set forth in the above quote is an essential part of the debate that is obscured by the reactionary sensationalism prone to set in after such events as these attacks. If encryption is banned or companies are forced to provide backdoor keys to the government, terrorists and criminals will find other means of executing their goals.
Encryption is a technique, and it is not something that can be fully legislated against. It’s impossible for any government to prevent everyone from using encryption. It can be banned and made illegal, but that does not stop people from using it or putting it in place. After all, bombing cities and killing innocent people is also illegal, but terrorists continue to perform such acts. Only those already willing to cooperate with regulation would comply with providing backdoors to encrypted data. The government would be no closer to hamstringing terrorists.
Even if the government was somehow able to successfully breach all encryption, terrorists would only find other means of communicating, just like they did before encryption was accessible. By making encryption essentially useless – and just as easy for hackers, criminals, and oppressive regimes to break as it is for whoever it is that’s supposed to be protecting us from terrorism – policies that require backdoors wouldn’t hurt anybody as much as they would hurt average citizens.
We can only hope that the tech companies defending data encryption, and those aware of the dangers inherent in allowing for backdoors, can convince politicians to reconsider the matter. We should not let more corruption and injustice come of the evil that we currently mourn.