US Senator John McCain told reporters that he will be holding hearings and will pursue legislation to require companies to provide the government access to certain encrypted user data. However, encrypted P2P platforms for secure communications are designed so that the companies hosting the services don’t have access to the content, which would create a problem if these businesses were forced to give up this information. Such legislation would require companies to completely redesign of many flagship products, and would ultimately hurt their business in general.
The Continued War on Encryption
In my article regarding encryption being scapegoated after the Paris attacks, I explained how regulating encryption would have no effect on how criminals use the technology to communicate. Most P2P encryption services are open source, and it’s not that hard to create a personalized encryption system using the vast databases of available code. The simple fact is, if governments attempt to regulate encryption, the only people that will be affected are the law-abiding citizens who use those services for personal privacy. With minimal coding knowledge, it is possible to implement a very simple encrypted directory of files to store information in a way that would prevent law enforcement from accessing it. With moderate experience, it’s possible to create an entirely new platform and install it on a mobile device.
Trying to ban a technology that is used harmlessly by millions of people and a technology that would still be readily available to those that would use it for illicit use is inefficient and bad policy. Legislation on the matter would only reduce individual privacy without providing any benefit towards stopping terrorism attacks or other criminal activities. Most people that would do something illegal in the first place wouldn’t mind using encryption technology if that was also illegal, especially if they could prevent law enforcement from finding any incriminating evidence.
Before the attacks on Paris, the debate on encryption had all but faded after the White House announced that it wouldn’t seek legislation requiring companies to provide law enforcement with back door access to their services, but all of that has changed. Unfortunately, if back door access is required for encrypted messages, there is no way to prevent criminals from gaining access to the modified “encrypted services.” Encrypted services are designed to be ultra-secure and adding a back door would compromise the security of the entire platform and ultimately harm consumers that use the technology harmlessly.
The wording of the proposed legislation will be extremely important on whether or not it passes. To pass such legislation would destroy the security and integrity of legal solutions of encrypted technology while criminals would continue to use illegal sources of the technology without much hindrance. Unfortunately for tech and privacy advocates, it looks like another war on cryptography is about to begin — right when it seemed to be fading out.
What do you think about regulation regarding encryption? Let us know in the comments below!
Images courtesy of Pixabay.