The Encryption Debate Rages On. Welcoming Cindy Cohn of the EFF to Versus

Earlier this year, Apple and the FBI battled it out over access to a terrorist’s encrypted cellphone in the aftermath of the tragic San Bernardino shooting. At the heart of the encryption debate is the right to individual privacy. Should the government have backdoor access to encrypted data to combat terrorism? Or does that backdoor ultimately compromise our security and right to privacy?

This is exactly the kind of controversial discussion we’re featuring this November at Versus.

Today, I’m thrilled to announce our first debate: Encryption: Tool of Terror vs. Tool of Liberty? Joining us to speak on the side of strong encryption and privacy is Cindy Cohn, Executive Director of the Electronic Frontier Foundation, crypto expert and the legal mastermind behind some of the most defining encryption cases. Cindy has been named one of the top 100 most influential lawyers by the National Law Journal, is a relentless advocate of encryption and privacy, and has dedicated her career to calling out and preventing unsanctioned government outreach, including unwarranted spying by the NSA.

I sat down with Cindy and asked her a few questions to get a sneak preview of the debate.

Roughly 20 years ago, encryption was a listed “weapon” in the U.S. Munitions list, just like a bomb or a flamethrower. Your work in Bernstein v. Dept. of Justice redefined that. What’s the biggest change you’ve witnessed in encryption since the outcome of the case?

Encryption is now “everywhere.” Anyone who’s bought something online, or who’s sent an iMessage has used encryption as a tool in their day-to-day life. What the government originally viewed as “theirs” for national security purposes has now become ubiquitous, and a common good for the public.

As a common good, we also have to stop framing the encryption debate as a “balance between privacy and security.” When it comes to strong security, it’s not really a balance, it’s an either-or answer. Just like pregnancy, “you’re either pregnant or you’re not. You’re either using strong encryption or you’re not, and all this talk about ‘back doors’ and ‘balance’ is just covering up a call for weakened security.”

Over the past two years, we’ve also seen an unprecedented increase in end-to-end encryption in mobile and consumer apps (e.g., Facebook’s WhatsApp, Google, and Apple’s mobile operating systems). Why is encryption on the rise?

There are two reasons for this. First, I think as a society we are recognizing the importance of computer security. As individuals, we store tremendously important information with third-parties. The OPM hack last year, and even the leaked, nude celebrity photographs from Apple’s cloud storage underscore how much trust and access we grant these third-parties. Encryption is on the rise because it’s the way we guarantee our information remains secure.

The second reason is Snowden. As part of Snowden’s revelations, we saw the government both attack and even brag about how they tapped into Google’s network, ultimately making its infrastructure less secure. These findings have made big companies wake up, and respond to the market pressure by ensuring customer data remains private through encryption.

With encryption on the rise, the FBI has warned that terrorist groups like ISIS will leverage encryption to obscure and hide attacks, making it difficult to protect national security. Do you agree? Is encryption also a tool of terror?

The FBI has never had complete visibility into any and all communications for criminal intent. The problem with the FBI’s argument is that there’s a presumption that we’re now “going dark, as if there was a time when there was ‘light’”. Moreover, the argument that encryption is a tool of terror and that backdoors are necessary is like saying we need to remove the locks off our doors for the government to do its job because there may be terrorists hiding in any of our houses. It doesn’t make sense at scale. It also presumes that the bad guys won’t have encryption if the U.S. government makes it illegal. Encryption exists all around the world and is a kind of applied mathematics that is much older than the U.S. (Caesar’s cypher is one that many children learn). Terrorists will always have access to it, so making it illegal will just mean that law abiding people don’t have protection while the bad guys always will.

I am sympathetic to people wanting to access to solve crimes. But we also need to consider the other side of the coin: how many crimes are enabled if we didn’t have encryption? Think about foreign activists in regimes like China, or domestic violence victims needing protection from their perpetrators, or the number of identities that would be stolen – denying people mortgages, and even leading to false arrests – when data is stored and moves in the clear, without encryption. That side is never discussed.

What excites you most about Versus and your head-to-head encryption debate with Dan Rosenthal?

It’s important we have these encryption debates. If the FBI is going to demand that we dumb down technology, it’s important for us that do understand the technology to discuss its implications. I’m a little dismayed that this debate is back because I thought we’d settled this back in the nineties (with Bernstein v. Dept. of Justice). I am an advocate of encryption. I believe in its role in helping security blossom, in building a more just and sustainable society but we won’t get there if there are backdoors for the government to exploit.

Are you as excited as we are? Tomorrow, I’ll be asking Daniel (“DJ”) Rosenthal, a former Director of Counterterrorism for the National Security Council the same questions. Check out the rest at Versus16.com, and register today.

 

Written on October 5, 2016
by Veliz Perez
Tags:
  • Industry, 
  • Security