Encryption Backdoors Weaken National Security, Invade Personal Privacy, and Endanger the US Economy

Written by Greg Norcie

2016-02-18-encryption-backdoors_blog

As some of you may have noticed, backdoors are back in the news again. Much will be written about this subject in the coming weeks, but today I want to make 3 key points:

First, let me be blunt: weakening encryption is a security risk. And that’s not just my opinion – the former head of the CIA (and former director of the National Security Agency) General Hayden agrees with me. Ladies and gentlemen, we are not going dark – we are going bright. Harvard recently published a report showing that metadata continues to be unencrypted, and in fact is often the most important form of data since it is the most easily analyzed. CDT’s President has also noted that weaker encryption puts much of our essential personal information at risk, including medical records, banking information, and legal correspondences.

Second, weakening encryption weakens what makes America great – our respect for individual rights. Privacy and free expression are core American ideals. The United States Supreme Court has said that “Anonymity is a shield from the tyranny of the majority.” The US has a long history of anonymous political speech, and many privacy enhancing technologies utilize strong encryption.

We should not weaken liberty in the name of security, especially not when Americans are more likely to be crushed by their televisions than killed in a terrorist attack.

Third, weakening encryption will impede trade. For example, the Chinese government says they do not want any “pre-owned” software in their supply chain, and are moving towards open source solutions. An American company, required to weaken its products, cannot compete in the global marketplace.

Furthermore, not every country has the same strong free speech protections we have in the United States. Many European countries make “hate speech” a crime. What happens when a government asks a company to help identify a user who posted material (such as holocaust denial) which is legal in the US, but illegal abroad? Similarly, what happens when China asks for access to a protester’s device? In both of these scenarios, companies will have little recourse but to comply if such functionality is created, and there are very real questions about how a US company can balance between respecting lawful requests, honoring the right to free expression, and doing business in a global marketplace.

In closing, members of government have repeatedly complained that they are “going dark,” and members of civil society have repeatedly shown that we are in fact in a “golden age of surveillance.” Conversely, members of civil society have repeatedly explained that secure backdoors are impossible to create, and that encryption backdoors weaken security. These facts all remain true: encryption backdoors unacceptably weaken security, and must be vigorously opposed.

Share Post