After the recent attacks in Paris, it seems as though the government and technology companies can’t seem to agree: is encryption good or bad? Is encryption aiding terrorists in their attacks or is it helping to prevent them from exploiting vulnerabilities?
The Information Technology Industry Council is made up of top tech companies, including Apple, Google, Facebook and Microsoft. It is clear where the ITI stand on the debate, making a clear statement last week to law enforcement and the national security community:
“Encryption is a security tool we rely on everyday... We deeply appreciate law enforcement and the national security community’s work to protect us, but weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys. Weakening security with the aim of advancing security simply does not make sense.”
In contrast, Homeland Security chair Michael McCaul believes that the ability for terrorists to use encryption to their benefit is enough reason to force technology companies to create “back doors”. This includes ways to guarantee that the government can gain access to users' encrypted data.
In an interview on CBS’ “Face The Nation”, McCaul explained what he believes is the largest threat to our national security:
“...the idea that terrorists can communicate in dark space. We can’t see what they’re saying… You need to factor in that analysis that there may be plots under way that we just quite frankly can’t see.”
The argument continues, countering the obvious- that encryption makes it more difficult for law enforcement and security agencies to track user data, including email, social media and text messaging. The department of Homeland Security believes that the attackers in Paris (ISIS) utilized encryption and the dark web in order to execute their attack. The ‘dark web’ refers to the majority of web pages in existence which Search Engines do not access. While law enforcement does their best to monitor this space, it could be a reason why intelligence and security agencies were unable to anticipate the attack in Paris. Not even a court order could assist in intelligence agencies’ ability to access this content/information.
The Hill reports that some lawmakers have moved to create legiSLAtion that would allow the government to access encrypted data for suspected criminals during pending investigations. However, last month the Obama administration decided that the White House “will not force tech firms to decrypt data”. This was decided before the Paris attacks and therefore this decision could be overturned given recent events.
In 2013, Edward Snowden began a movement for user security when he aided in the publishing of classified NSA documents. While we’re in an era when user security is priority, potential legislature would give government the tools needed to pursue investigations against suspected terrorists and criminals. Obviously, there are valid arguments on both sides of the encryption debate.
The encryption debate isn’t a new one. Technology companies, government agencies and lawmakers have been back and forth on this issue for years. Nonetheless, the debate has been re-ignited over the past two weeks in light of the tragic events in Paris.
Privacy and security is an important right for people in this country and around the world, but if we could prevent another attack by making some privacy sacrifices, is it worth it?
Top tech companies seem to unanimously agree that creating backdoor access to encrypted data, even if only for use by intelligence agencies, is not a worthwhile risk. Government agencies stand on the other end of the spectrum.. One thing is for certain, these two sides must quickly come to some conclusion before we have another tragedy on our hands.