End-to-end encryption is now the way most messages are sent globally. Much as you might expect this technology to always secure our personal communications, we cannot take end-to-end encryption for granted. There remains serious pressure to take it away.
Elected officials in Europe have recently called for companies to build ways to break into their own encryption. In India, regulators have published new rules for messaging services that would undermine people’s ability to have a private conversation. Brazil’s Supreme Court may soon decide whether the government can shut off encrypted messaging services, in a case that started after a Facebook executive was arrested for not providing police with messages we could not access. Any of these steps could alter the course of the internet at a time when people need strong security more than ever.
An early draft of the report, seen by WIRED, says that increased usage of end-to-end encryption would protect adults’ privacy at the expense of children’s safety, and that any strategy adopted by technology companies to mitigate the effect of end-to-end encryption will “almost certainly be less effective than the current ability to scan for harmful content.”.
Technical as encryption can be, it is really about something at the very core of how we live our lives today: Should people be able to have a private conversation when they are not together in person?
Terrorists should not feel free to upload terrible images of slaughter, but neither should they be empowered to empty people’s bank accounts or to tap the phones of presidents and prime ministers.“But,” people say, “What if only legitimate requests can get into the protected communications?” Weaknesses in computer systems are discovered by attackers all the time.
I believe the answer must be yes. People speak to each other privately in person all the time. As human beings we’re wired to assume that when we’re talking to someone face to face, our conversation is private. We shouldn’t give that up. The lessons of the past five years make it absolutely clear that technology companies and governments must prioritize private and secure communication.
End-to-end encryption helps solve a fundamental problem of how the internet evolved. While the WhatsApp you see on your phone or desktop looks simple, it’s the product of decades of investment. Chats and calls are automatically routed via a global network of data centers and traverse cell towers and mobile networks built by carriers using hardware of various designs.
These real-time networks provide enormous benefits, but only if we can overcome the security challenges of relying on this patchwork of technology. The more interconnected we are, the more corporations, criminals, and authoritarian governments can find new ways to access what we write and say.
The stakes are not just a matter of personal, financial, or reputational risk for the few. Given the reliance on global communication by nearly every economy on the planet, how technology is built impacts people everywhere in different ways. In many parts of the world, people live in fear that the real-time networks they rely on will be used by authoritarian governments to oppress them.
Sadly, the same technology that makes it easier for dissidents to speak up also makes it easier for dictators to crack down. Saudi Arabia and many other countries rely on commercial digital espionage services to track, jail, and even kill journalists, including outside their own nation. They are receiving help from unaccountable foreign companies selling hacking services to governments on multiple continents without any regard for the consequences to people’s human rights. And of course one country has chosen to build its internet in a way that’s designed to eliminate privacy. The leading messaging service in China relies on automatic filters to censor conversations. Fearful of their phones, people try workarounds by chatting with emojis, GIFs, and innuendo.