Stop me if you've heard this before.
The US government wants a major tech company to stop the deployment of strong, end-to-end encryption in the name of “public safety.”
Is this Crypto Wars 3 or 4? Much like Fast and Furious sequels, I can’t recall which one we’re at, and they all kinda look the same.
On Thursday, BuzzFeed News revealed that Donald Trump’s Attorney General Bill Barr plans to send a letter to Facebook asking the tech giant to stop its deployment of end-to-end encryption on its messaging services "without ensuring that there is no reduction to user safety and without including a means for lawful access to the content of communications to protect our citizens.” End-to-end encryption is a type of secure communications that ensures that only the intended sender and receiver can read the contents of a message.
The bad news for Barr is that Facebook's services are largely already encrypted end-to-end. WhatsApp has had end-to-end encryption since 2016, and Facebook Messenger has an optional feature that allows for end-to-end encryption called “secret messages” since 2016.
Facebook, as part of its PR-oriented move towards “privacy” has already announced that it will integrate WhatsApp, Facebook Messenger, and Instagram to allow for end-to-end encrypted communications across all three platforms.
So, in other words, Barr wants Facebook to put a backdoor in WhatsApp, Facebook Messenger, and Instagram direct messages.
This is not a novel idea. Governments have fought against strong encryption since the 1990s. And nothing in the world has really changed much since then to make this proposal more palatable. The arguments of the anti-encryption side, for lack of a better word, are also more or less the same and boil down to “won’t anyone think of the children?”
“Companies should not deliberately design their systems to preclude any form of access to content, even for preventing or investigating the most serious crimes,” the letter reads, according to BuzzFeed. “This puts our citizens and societies at risk by severely eroding a company’s ability to detect and respond to illegal content and activity, such as child sexual exploitation and abuse, terrorism, and foreign adversaries’ attempts to undermine democratic values and institutions, preventing the prosecution of offenders and safeguarding of victims. It also impedes law enforcement’s ability to investigate these and other serious crimes.”
This argument, as Motherboard pointed out a few weeks ago when Barr spoke about the need for backdoors, totally ignores the fact that there already are tools for law enforcement to get around encryption when necessary, legitimate, and authorized by a judge. Namely, cops hack devices all the time to compromise messages' endpoints, allowing them to intercept and read the messages.
This "lawful intercept" is also not new. The FBI started using malware in its investigations as early as the late 1990s. Governments in Europe followed suit soon after, and there’s now a flourishing industry of government contractors that happily provide these kind of tools and services to not just the FBI but also law enforcement and intelligence agencies all over the world.
So, dear Bill, what’s different now? And are these tools not enough? The onus is on you to justify backdoors, something that no respectable technologists believes can be done safely. Just shouting 'child exploitation' or 'terrorism' should not be enough anymore.