Since encryption was developed, governments have sought to break it. Initially, these efforts were focused on breaking encryption used by other governments, as sophisticated encryption was beyond the capability of most private citizens.
Today, however, practically unbreakable encryption is available to almost everyone, in devices we carry around in our pockets. Wide availability of strong encryption has been a boon to consumers, whose digital data enjoys greater protection today as a result.
It creates problems for law enforcement, however, which may be unable to access information on phones or computers that contain evidence essential to their investigation of criminal behavior. Governments, on behalf of both law enforcement and national security entities, have asked companies to create “backdoors” in encryption algorithms to enable government access to protected information in time of need.
Tech companies, however, have uniformly resisted these requests, arguing that backdoors could undermine the very protection that consumers have come to expect. For this reason, the companies and privacy advocates have long resisted efforts by government to mandate backdoors.
Government calls for encryption backdoors have recently resumed, due in part to the extension of end-to-end encryption to more products and the pending U.S.-U.K. Bilateral Data Access Agreement, the first Executive Agreement under the CLOUD Act.
Why End-to-End Encryption?
Companies can use two methods to encrypt consumers’ messages.
- The first, more traditional method is to encrypt the message from the sender to the company, decrypt the message for processing, and re-encrypt for transmission to the recipient. This, of course, permits the company to see the message, and even store it on central servers for later retrieval.
- The second method, end-to-end encryption, encrypts the message on the sender’s device, and only decrypts it at its destination, on the receiver’s device. If the message is stored at the company at all, it is stored in an encrypted format that the company cannot decrypt.
End-to-end encryption offers a number of benefits to consumers, and companies have started highlighting end-to-end encryption as a selling point in their offerings. Properly implemented, end-to-end encryption prevents companies from viewing customer data. This means that the companies can’t use the customers’ messages to build profiles, target advertising, or re-identify de-identified information.
Indeed, end-to-end encryption has potential to mitigate or eliminate many end-user privacy concerns.
End-to-end encryption also helps consumers prevent third parties, including governments, from accessing private conversations. This has been touted as critical for activists under repressive regimes who are seeking freedoms that many take for granted. But it can also assist criminals in avoiding law enforcement.
Why Can’t Companies Give Law Enforcement the Keys?
Many people have asked why companies cannot develop backdoors to their encryption solutions and provide access exclusively to law enforcement, thereby providing the privacy benefits while eliminating the costs to law enforcement. For many reasons, this is not likely to work.
- First, no encryption scheme is perfect. In theory, we have developed encryption that is so strong that it cannot be broken until the heat death of the universe (or the advent of quantum computing). Unfortunately, in practice we often find out that the implementation of the encryption is flawed. Encryption algorithms are difficult to implement. To implement an algorithm that permits a reliable, secure backdoor is infinitely harder. So it is likely that the encryption itself will have exploitable flaws.
- Second, in practice the process of implementing the backdoor will itself be likely flawed. Threat actors often find a way to exploit any backdoor reliable enough for law enforcement use. These backdoors will be high-value targets for criminals, who could either exploit the backdoors or sell them to other criminals. For example, some years ago, the cell phones of many Greek government officials were tapped by means of unauthorized use of the wiretapping capabilities that, by law, are built into traditional communications networks.
- Third, it will be difficult for companies to resist demands for the keys from authoritarian regimes once the backdoors are built. Because these regimes exercise governmental authority in their respective countries, they have the legal power to demand that companies wishing to do business in their country turn over the keys to any backdoor that has been developed. And, of course, the broader the distribution of these keys, the more likely they are to fall into the wrong hands, subjecting communications to unauthorized decryption.
- Finally, some privacy advocates are concerned that U.S. law enforcement will use data sharing agreements to get around the Fourth Amendment. Backdoors into consumer encryption will only facilitate such access.
What Should We Do?
Those who call for backdoors, both for communications and the devices used to communicate, often claim dire consequences will ensue without them, but provide little factual support for their claims. Although it is possible for criminals to use encrypted communications to elude law enforcement, it is far from clear how often encryption actually prevents law enforcement from solving cases.
At least one law enforcement official has claimed to have a number of encrypted devices sitting useless in evidence, but fails to state how many prosecutions were thwarted because of encryption. The most famous example of an encrypted device that posed problems for law enforcement was resolved without the company at issue having to implement a backdoor (the FBI paid a “mysterious third party” who unlocked the device). And the FBI never disclosed what benefit it got from accessing the device after it bypassed the encryption.
Law enforcement access to encrypted information is not a simple problem to solve. Encryption backdoors could potentially have an adverse impact on consumers’ data security. Therefore, all potentially affected parties should weigh in on whether the potential cost is worth the purported benefits.