CNN: “Encryption a Growing Threat to Security.”
CNN’s Mike Rogers went a bit off the rails recently, headlining a piece “encryption is a threat to security.” Now, excuse you, do what? That makes no sense. Encryption is a tool of security. It cannot be a threat to security at the same time as it is a tool. The other guy could potentially use it, but he can also use a gun, right? Running headlines like that is irresponsible.
It highlights the real agenda of certain elements of the mainstream media bent on the destruction of privacy and other peculiar American rights. What will they do when the right of the press is restricted? Will they even care as long as they make the same money? After giving a litany of examples of times that people handled things they had possession over even if they were not responsible for them, Rogers goes on to say:
[…] state and federal laws routinely act in the interest of public safety at home and abroad. Now, an emerging technology poses a serious threat to Americans — and Congress and our government have failed to address it. […] With this technology, a known ISIS bomb maker would be able to send an email from a tracked computer to a suspected radicalized individual under investigation in New York, and U.S. federal law enforcement agencies would not be able to see ISIS’s attack plans.
Now, all of this is, of course, hyperbole. There is no reason to suspect that companies are providing services explicitly for the use of terrorists. There aren’t enough terrorists to create a market, in a real sense. Privacy companies such as Trineba offer their services instead to governments, to large organizations with intellectual property to protect. Aside from the fact that demanding a private key from these companies is akin to asking them to go out of business, accusing them, even sideways, of marketing their services to terrorists somehow, well, that makes no sense. There are, of course, other records that can be pulled. The government could at least potentially know if one of these companies was providing services to such nefarious elements as Rogers refers to, and could even potentially ask them to stop providing such services.
But Rogers takes it all to a new level with this next bit and makes it clear that his case is extreme: he wants to ban private encryption.
What could a solution look like? The most obvious one is that U.S. tech companies keep a key to that encrypted communication for legitimate law enforcement purposes. In fact, they should feel a responsibility and a moral obligation to do so, or else they risk upending the balance between privacy and safety that we have so carefully cultivated in this country.
People like Rogers obviously have no real understanding of the value that encryption provides in society. One obvious and recent example of a benefit from encryption would be the cryptographic currency, Bitcoin, and the many derivatives that have come along as well. Offering censorship resistance and real value based on true, fixed scarcity, this is one example of something that could not be achieved without private encryption.
Other examples abound, from SSL and onward. Even if such private keys and back doors would supposedly only be available to the government, the cost of maintaining such access would fall on the company. This is assuming that it could be accurately maintained and that it would not be compromised in regular operations.
Images from f11photo and Shutterstock.