Home / Blogs

Encryption = good : Backdoor = bad

Every time there is a tragic attack on people or property, there is a cry from various authorities or politicians for law enforcement to get unfettered access to all kinds of communication tools.

But that would cause far more harm than good, and is a really bad idea.

The argument goes something like this:

These bad actors hide behind encrypted communications to plan their evil deeds. Therefore to stop them, law enforcement needs to have access to all this. Therefore we need to have backdoors built into all encryption that law enforcement can use.

This is flawed in many ways.

There is no evidence that unfettered access to communications helps. Sometimes the information was actually available, but no one managed to put it together ahead of time to stop the evil deed.

There is no way that backdoors can be limited to use by law enforcement. They will inevitably be discovered by others and used for evil, thus rendering encryption and all the protection it provides useless.

Bad actors will stay a step ahead. If mainstream communications and encryption tools have backdoors, they will just create their own secure communications channels.

But don’t just take my word for this. Read, for example, this article by security expert Brice Schneier entitled Why we Encrypt.

And this article by Cory Doctorow on how ridiculous British Prime Minister David Cameron’s comments on the need to backdoor encryption are entitled, ‘What David Cameron just proposed would endanger every Briton and destroy the IT industry’.

And this article by Mike Masnick of Techdirt entitled, ‘The Paris Attacks Were An Intelligence Community Failure, Not An ‘Encryption’ Problem’.

Originally published on the Slaw and elegal blogs

By David Canton, Technology & Business Lawyer at Harrison Pensa LLP

Filed Under

Comments

They just don't ever learn. I've said Lynda L. True  –  Dec 13, 2015 7:37 PM

They just don’t ever learn. I’ve said the same thing every time this moronic argument shows up, and I wish that the talking heads occupying the space that journalists used to be in would pay attention to this:

We[*] are NOT the only people who know how to write encryption. We never were. Back in the ITAR days, it was true. It still is. The intelligence community is lazy, and their arguments are shallow. I don’t want to live in a cotton batting lined world. I surely don’t want to live in one where I give up my privacy to provide the illusion of security to others.

[*] You may place any definition of “we” you like, from USA to Five Eyes, or any other.

Comment Title:

  Notify me of follow-up comments

We encourage you to post comments and engage in discussions that advance this post through relevant opinion, anecdotes, links and data. If you see a comment that you believe is irrelevant or inappropriate, you can report it using the link at the end of each comment. Views expressed in the comments do not represent those of CircleID. For more information on our comment policy, see Codes of Conduct.

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

Related

Topics

DNS

Sponsored byDNIB.com

Threat Intelligence

Sponsored byWhoisXML API

New TLDs

Sponsored byRadix

Domain Names

Sponsored byVerisign

Brand Protection

Sponsored byCSC

IPv4 Markets

Sponsored byIPv4.Global

Cybersecurity

Sponsored byVerisign