What Politicos Don’t Know About Encryption Could Make Us All Less Safe
If you’d had to predict which technology policy issue would lead the discussion in the 2016 presidential race, you might have guessed net neutrality or patent reform. But you’d have been wrong: So far, the hottest topic has been encryption.
It came up in the Republican debates in Cleveland last month. There, former Hewlett-Packard CEO Carly Fiorina said she would “absolutely” call on Apple and Google to “collaborate and cooperate” with law enforcement on encryption — to tear down the “cyberwalls,” as she put it. Later in the debate, South Carolina Sen. Lindsey Graham echoed her call.
The issue came up again later in August when former Florida Gov. Jeb Bush told an audience in South Carolina: “If you create encryption, it makes it harder for the American government to do its job — while protecting civil liberties — to make sure that evildoers aren’t in our midst.”
In retrospect, the otherwise-wonky issue of whether your phones and apps should be able to scramble your data — in ways that even the manufacturers can’t unlock — makes sense as a political football: It involves everyday law enforcement and therefore offers a chance to look tough on crime. It touches on international terrorism — giving an opportunity to invoke the memory of 9/11.
Encrypted by default
The controversy stems in part from decisions at Apple and Google to turn on encryption by default in the most recent versions of their respective smartphone operating systems (iOS 8 and Android Lollipop).
According to Apple, 87 percent of all iOS devices now run iOS 8. That means the data on them can no longer be retrieved by anybody without the device itself and some way to get to its passcode. And more of these encrypted-by-default devices ship all the time: In its two most recent quarters, Apple sold almost 109 million iPhones.
Google later backed off a bit from its original commitment to encryption in Lollipop: Data scrambling is now the default on only some new Android devices.
But when candidates call for “collaboration” or “cooperation,” they’re really calling for all technology companies to provide some sort of extra key that would allow law enforcement to decrypt the data from those phones. But the encryption experts will tell you that providing such an extra key would actually weaken everything.
Security experts: No can do
Fifteen such experts recently collaborated on a paper (“Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications”) explaining why. You should take the time to read it.
It’s true, they explain, that you can make so-called key escrow systems — in which a trusted third party stores a backup key — that are reasonably secure in limited environments, such as companies or government agencies. But when you’re talking about the mass scale of consumer devices like smartphones, there are too many ways for things to break.
This is a distinction you won’t hear very often in discussions outside C-SPAN. At a panel in March, Deputy Assistant Attorney General David Bitkower said he’s not worried about the existence of unbreakable encryption (he said his Department of Justice colleagues rely on it), but how it’s become widespread in entry-level products.
Let’s say Apple were to ship an update that allowed it to unlock its devices later on. Most law-abiding citizens would probably do their usual cursory due diligence — basically, verifying that the release notes aren’t in Klingon — and then tap the install button. But determined criminals — the evildoers we’re supposed to worry about the most, the ones most often invoked in primary debates — won’t.
If they did install the update, they could still use somebody else’s software to encrypt their data. Software development is a widely distributed endeavor. To control encryption tools in the United States, you would have to essentially outlaw open-source development worldwide. Good luck with that.
The benefits of encryption
Let’s also remember that encryption can help law-abiding Americans, too.
For one thing, private information can be incredibly damaging if it falls into the wrong hands. That’s why, for instance, Republican candidate and New Jersey Gov. Chris Christie signed a law in January requiring health insurance companies to encrypt customer data.
Strong encryption without a back door may even undo some crimes. Federal Trade Commission chief technologist Ashkan Soltani recently wrote about how his stolen but encrypted laptop had turned up at an Apple Store. Apparently, the misguided thief tried to get Apple to unlock it. At the time of his writing, the still-locked MacBook was on its way home. (No word yet on whether police in Sacramento, Calif., had caught the thief.)
It’s true that some of the nightmare scenarios raised by opponents of strong encryption could indeed occur. At a conference in Washington, D.C., in July, Open Technology Institute director Kevin Bankston stood up in the audience and said he’s not afraid to say that people will be hurt and die because of encryption.
But, he added, others will also get hurt and be killed because of the lack of it: Think of people trying to evade stalkers or political dissidents living under totalitarian regimes. “Thanks to encryption, people survive,” Bankston concluded.
Three national security veterans — former National Security Agency Director Mike McConnell, former Homeland Security Secretary Michael Chertoff, former Deputy Defense Secretary William Lynn — recently came to a similar conclusion.
As they wrote in the Washington Post, “The greater public good is a secure communications infrastructure protected by ubiquitous encryption at the device, server and enterprise level without building in means for government monitoring.”
You’re welcome to debate that. It wouldn’t be a new argument. We’ve been hearing versions of it in America for more than 200 years, ever since we decided that our government couldn’t do just anything it thinks essential for the sake of security.
Email Rob at rob@robpegoraro.com; follow him on Twitter at @robpegoraro.
