I have been reading a lot lately about privacy and security issues concerning digital data. As anyone who has read in this blog is probably already aware, I am a fan of digital privacy. This may seem somewhat unusual, in that I am also an avid blogger and enjoy learning as much as I can about anything I can through the use of the Internet. However, there is a reason why these two things can coexist – it has to do with the way I view and use my various technological marvels as extensions of my mind. As I read more about how some governments are encroaching more and more on the issue of privacy concerning data and technology, I think this perspective is not only important, I think it is at the heart of the current debate.
The case for building back doors into encrypted devices is a legitimate one, from the perspective of any government or law enforcement agency: doing so helps to enforce laws. The laws, as we all know, are ideally designed to keep the public safe and secure. Laws, and a government that enforces them, empower even the most humble of citizens. The laws, like the governments who craft them, are ideally meant to serve the public. From this perspective, technology is seen as nothing more than a device or object, and data as potential evidence of a crime, either actual or planned. This is the basis of the argument that the US government, now also including the President, is taking in the latest attempt to gain access to systems meant to prevent all intruders. One thing this argument quietly excludes is the fact that the US already has the means to break encryption … this ability is simply not available to law enforcement in general. I bring this up because of President Obama’s comment suggesting that a compromise to the encryption debate would include a system in which the fewest people possible have access to encrypted data … this seems to have already happened, I find it interesting that the attempt to expand on this number is being masked while discussing trustworthiness and openness.
Despite the legitimate concerns of governments and law enforcement agencies, there are some critical problems I see with the attempt to force tech companies to compromise their own products by introducing what would become a known weakness in encryption, all but lighting a signal fire for people and agencies around the world to start hacking at. First is what I just wrote, and it is an argument already brought up by tech companies … if anyone knows the kinds of weaknesses this kind of measure would introduce to their products, I can only assume it would be the producers, themselves. President Obama argues that only as few people as possible should have the keys … once it is known that there is a back door in place, there will be a long line of capable minds with varying motives, waiting to pick the lock.
This brings up another critical problem, that of trust. The public is being asked to trust that the government will not abuse its powers, that the government would exercise wisdom and discretion in its pursuit of justice and compliance with the law. Not only is this being done in the wake of the Snowden leaks (which only accelerated a growing mistrust in privacy abuses committed by governments and corporations, it did not start it); this is being done before a backdrop of one US law enforcement trying to brute-force a tech company to compromise its own product and standards concerning privacy and security. Fear of shootings and tax evaders is being used to manipulate public opinion … it’s a little more subtle and sophisticated than the ‘if you’ve nothing to hide, why worry’ approach that was so common during the Bush years; but when you read between the lines, the association between privacy-minded members of the public and a government’s hindered ability to police its public is clear enough. This leads us to another point regarding an assumption that people who value and guard privacy are somehow advocating and enabling a criminal element:
Assuming that someone who wishes to maintain the integrity of their private data is simultaneously supporting the kinds of criminals who further themselves with the same technology, is the same as assuming that anyone who supports the right to carry the means to defend themselves simultaneously supports violent criminals.
The assumption is an absurd one, of course; but I’ve seen it bandied about by people who hope to somehow or another shame privacy advocates into compliance with government wishes. This does not promote trust, it increases skepticism because it is a form of manipulation. I bring up trust so much mainly because it seems as though governments are asking the public to trust them enough to surrender their right to privacy. And I do consider privacy to be a right that we all have. We are given a mind and a capacity to think for ourselves. We are given the means to express our thoughts and experiences. The decision we make, to express ourselves or to not express ourselves, to regulate our individual privacy, is our right that comes to us with the sovereignty over our own minds. We can be compelled or manipulated to compromise that right … we can be given a choice involving an alternative that is far less preferable to us than exercising our right to privacy, for example; but the choice is still ultimately ours to make.
When it comes to digital data, it represents a form of thoughts and ideas. That this is something that should be protected and safeguarded is not a novel idea – copyright battles of epic proportions have been fought on this very premise; and I think the way the US government reacted to its own breach of encryption, otherwise known as Edward Snowden, is a good example of its own views concerning the integrity of its own data privacy. The thoughts and memories I have in digital form are mine to share or not share, whether they be in the form of a diary, a collection of photos taken at wild parties when I was 20 or when I’ll be 60, or my own research into how to use my microwave oven and a bag of marshmallows to generate a sustainable energy source for my home. That others might abuse their own right to privacy is not a valid enough reason for me to consider allowing others to abuse my right to it. I know that people have gotten injured or killed – I am not insensitive to this at all – but I do not believe encryption injured or killed these people. It is an assumption that breaking encryption will prevent more injury and death … the last time I picked up a book about law enforcement may have been a while ago, but I remember well that hunches and assumptions were no way to make cases.
While discussing damage to life, we should consider also that our economies are closely tied to our data and our comfort with relying on it … as our reliance on digital data has increased, so too has our interest in maintaining our ability to determine for ourselves who has access to that data. Deliberately weaken encryption, and watch all of that grind to an agonizing crawl as companies as well as individuals lose trust in the integrity of their data privacy. How many lives are imperiled when economies suffer?
This degree of intrusiveness will not protect the public from criminals. It will likely create more law breakers by encouraging a culture of mistrust and resentment. More effective would be for various governments (I don’t mean to just pick on one here, it just so happens to be in the media spotlight lately) to address existing mistrust and resentment rather than increase it by ramming its way into the privacy of someone’s own mind and thoughts. Forcing a back door to be created in encrypted, private devices, for the sake of stopping criminals is not so different from the police expecting the public to accept detectives spiking the punch bowl at parties with something like Rohypnol in the hopes of getting confessions from would-be date rapists. That the tactic might work does not make it the right thing to do. Encryption matters – it is what enables us to determine for ourselves, as with our own minds, what thoughts and experiences of ours are to be shared or kept private. It’s worth standing up for – doing so, in its own way, might even encourage governments to find more effective ways to discourage acts of crime and violence. At the very least, standing up for encryption helps to better our governments by discouraging them from moving a step closer to Orwellian Thought Police tactics.