Why the Newest Political Hot-Button Issue may be personal Encyption.
A silent storm is brewing between the government and technology innovators across the US. We have entered an age where security is a constant topic of conversation and tech companies are trying hard to ensure customer data does not slip into the wrong hands. New methods of high security encryption are continually developed, such as Google’s Advanced Protection Program which launched last month and was covered in a previous Doverlog post. There is no doubt that companies are racing to produce the most secure and impenetrable encryption for data but that poses the question: Should they?
Deputy Attorney General Rod Rosenstein in a conversation with Pro Politico came out in favor of strong encryption however, supported the release of encrypted data if deemed essential to a criminal investigation. Here in lies the dilemma. Everyone wants to make sure their data are as safe as possible from all forms of breach, but what if encryption is used to cover illicit activity? There have been many high profile cases in the last year that have highlighted this very problem, including Apple vs. the FBI in which the Cupertino based company was ordered to aid investigators in the circumvention of specific security measures of an iPhone. Apple declined the request to release the data stored on the phone citing the potential for larger data security implications. The debate rages on. Should companies be forced to divulge information to state and local governments even though doing so could compromise the integrity of their encryption methods?
Renowned cryptographer Bruce Schneier compared, “[weakening encryption] with the tactic of secretly poisoning all the food at a restaurant. Yes, we might get lucky and poison a terrorist before he strikes, but we'll harm all the innocent customers in the process. Weakening encryption for everyone is harmful in exactly the same way." He hammers home the point that making exceptions in our security for the prosecution of one criminal potentially hurts the 100 other law abiding citizens who use encryption responsibility.
This is perhaps the biggest catch 22 of our generation. We cannot effectively prosecute criminals if we can’t access their data but we can’t have security ourselves if we do break encryption to prosecute said criminals.
What we are left with is a sliding scale. On one end we have total security and encryption of our data and on the other we have a world in which the government has backdoor access to all data. Of course, it is never as black and white as this but it will be interesting to see the continued debate between lawmakers, innovators, and concerned citizens.