Ending End-to-End Encryption
Week of 10th February 2020
The tug of war between governments and technology companies on security have been ongoing for years, but the recent proposal from Senator Linsey Graham which essentially allows the government access to End-to-End Encryption (E2EE) communication quickly faced backlash from the technology companies. Tech experts argued about privacy linked to spying or hacking, and lack of freedom of speech. Note that Senator Graham never once mentioned “encryption” but stated the need to end child exploitation online.
Facebook, intentionally or not, again got pulled into this conversation as they also announced, to the government’s dismay, that they will implement E2EE to its services (note that Whatsapp already has E2EE). Let's hear dfferent expert’s views, including one who disagreed vehemently to Bloomberg’s Leonid Bershidsky's opinion.
If time is limited, I highly suggest reading the following:
From the web:
by William Gallagher
No, Bloomberg, End-to-End Encryption isn't a worthless "marketing device"
by Edward Snowden
Without encryption, we will lose all privacy. This is our new battleground.
From our Chief Opinionator:
Is ending End-to-End Encryption the only way?
Allow me to make a disclaimer. I am not an expert in end-to-end encryption (E2EE) technology nor anything technology focused. You can call me a case of a millennial luddite.
What I do know, however, is that I care very much about diminishing crimes to increase our security. This shouldn’t be a give and take scenario. One shouldn’t compromise security in one corner of our lives in order to fight crimes in another.
Recently the US government has reignited the discussion of scrutinizing E2EE on the back of Senator Lindsey Graham’s concern on online exploitation of children. It is a legitimate concern that definitely should be addressed, but to address it by forcing technology companies to end end-to-end encryption is dialling back the world of security. Note that I am not discussing about privacy, but security.
In order to catch online criminal activities, such as child pornography, terrorism, etc… , the government would like to monitor high-risk conversations and is asking for access to messaging services that have E2EE built in, such as Whatsapp. One way is to add a “backdoor” such as what the Australian government has done in 2019. Another way is for technology companies to drop E2EE altogether. On the surface, it does seem like a good way to shut down crime rings and terrorisms. However, what is also true is that it also creates vulnerability for hackers, foreign governments or other snoopers to read your messages and obtain copies of files sent across the internet, and their intention may not be of a noble cause. We then end up giving up security in one aspect in exchange for security in another.
The technology world is arguing that there are other ways to fight crimes. Senator Lindsey Graham, who is now leading the bill to end E2EE, was a lawyer, mostly within the US Air Force prior to becoming a politician. Senator Graham is many things, but he is not a technology expert. If the government is truly trying to protect a nation, they should listen to the tech experts, discuss and be advised, as opposed to a top down enforcement prior to understanding all details and ramifications, such as what the Australian government has done.
I believe Senator Linsey Graham’s concern is an important one, but the government shouldn’t lose sight of its intention and end up focusing on the end-to-end encryption technology, assuming child pornography is not just a front for population wide spying.
Like all decisions in life, there is a butterfly effect. Some effects are more significant than others. Ending E2EE seems to send a long term shockwave of a butterfly effect and exposes the world to more discontentment.
Protect our children, but also protect our online security please.