Last week, at a cybersecurity conference at Fordham University, US Attorney General William Barr stated: "We are confident that there are
Last week, at a cybersecurity conference at Fordham University, US Attorney General William Barr stated: “We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement, without materially weakening the security provided by encryption.”
As soon as you introduce an alternative method that allows a third-party to intercept and decrypt messages, you increase the chances that bad actors can also break the encryption.
Today, Attorney General Barr gave a speech on encryption and became the latest DOJ official to recycle debunked arguments about the need for “lawful access” to encrypted data. https://t.co/znaE0CVkSi
— EFF (@EFF) July 23, 2019
By the way, it’s not just bad actors. I’m not sure we really want the government to have this kind of access. Of course, the government says it needs this in order to fight crime and terrorism, and that’s certainly understandable.
I don’t think any of us are on the side of “more terrorism,” but that’s not how this works. We don’t, in a free society like the United States, impose undue restrictions on the liberty and privacy of everyone in order to prevent bad behavior by a few.
This is a battle that has been simmering for some time now. Barr’s predecessors have previously made known that the government believes it is imperative that they be able to access encrypted messages, and the Attorney General echoed those concerns.
“This form of ‘warrant-proof’ encryption poses a grave threat to public safety by extinguishing the ability of law enforcement to obtain evidence essential to detecting and investigating crimes,” Barr said in prepared remarks. “I am here today to tell you that, as we use encryption to improve cybersecurity, we must ensure that we retain society’s ability to gain lawful access to data and communications when needed to respond to criminal activity.”
For their part, Apple and Google have resisted the government’s attempts to require them to go down this road. In fact, Apple refused to assist the FBI to access the iPhone used by the San Bernadino mass-shooter. At the time, Apple made clear that it was unable to help, whether it wanted to or not. Encryption prevented even the company from accessing the device.
Those experiences are certainly frustrating for law enforcement, and have led to the push to require legal access to encryption schemes.
But end-to-end encryption isn’t just used for messaging apps. It’s used to protect financial transactions, bank records, medical records, and other digital transactions. The very nature of providing a backdoor weakens encryption since it now no longer requires the recipient’s authentication key exclusively in order to decrypt the file or message.
That means in addition to providing access to the government, all of that information would be at risk of being exposed by hackers, foreign spies, and cybercriminals.
Technology has been an incredible force of change in our world, and I agree we should acknowledge that it hasn’t always been positive. On the whole, however, I think you have to ask yourself whether you’re really comfortable living in a world where the government is able to access your deepest, most personal information.
The opinions expressed here by Inc.com columnists are their own, not those of Inc.com.
This article is from Inc.com