Politicians in the United States have been claiming recently that end-to-end encryption is certainly too dangerous to permit. This movement is serious. Congress even introduced a bill that would remove the protections that we currently have that allow us to legally encrypt information. Lindsey Graham is one such proponent of this restrictive legislation:
Senator Lindsey Graham, a top Trump ally, is targeting giant internet platforms with a child protection measure that could threaten tech companies’ use of encryption and a liability exemption they prize.Bloomberg
Sorry for the interruption! I just wanted to mention that you should check out my new free cryptography course. It’s designed to teach you the crypto basics you need to get started in cybersecurity while writing code in the Go programming language.
What Is End-To-End Encryption?
End-to-end encryption (E2EE) is a system of communication where only the communicating users can read the messages. That is, it prevents potential eavesdroppers.Wikipedia
Every production worthy website uses end-to-end encryption in some sense. The algorithm encrypts the data when it leaves your computer and is decrypted again as it enters the website’s servers. This ensures, without a doubt, that no malicious third party (which “inconveniently” includes government agencies) can spy on your data.
However, if they have their way, governments and politicians would undoubtedly have a “master key” that allows them to decrypt ANY encrypted information. This would be accomplished by forcing security software to include backdoors to their encryption schemes.
The practical problem is that the math behind encryption is already public knowledge. Criminals will ALWAYS have the ability to encrypt data securely without backdoors, despite what Congress decides. A bill restricting encryption rights would only serve to put everyone’s personal privacy and security at unnecessary risk.
“If anyone can encrypt and transmit data, criminals will use that technology!”– Government People, Probably
While true, the world can’t unlearn math. Outlawing companies’ abilities to protect their customer’s data doesn’t make illicit cryptography more difficult.
Obviously, Emotional bills based on irrational fears are rarely a good idea to push quickly through congress. Of course, Politicians typically use these kinds of proposals to create a problem. Then, they can “solve” it in order to seem like a hero.
For example, If the argument for a regulation starts with something like:
- Think of the children
- Terrorists will use it
- Enables criminals and thugs
- Our way of life is being threatened
then it probably deserves a thorough examination based on evidence, data, and rationality. Laws that go into effect based on emotional hype historically haven’t turned out well, for instance: