I talked to NBC’s Pete Williams yesterday about the encryption debate that has raged since the Paris terror attacks. The debate got additional legs when New York District Attorney Cyrus Vance released a white paper Wednesday arguing that Apple and Google should be forced to include backdoors in their smartphones. His argument: If cops can get wiretap orders, why can’t they ask Silicon Valley firms to access phones loaded with critical evidence.
As I said to Pete, we are struggling with a war of imprecise metaphors that cloud the discussion, and it’s really hard to reduce the discussion to a sound bite. After all, the urge to stop terror attacks is a pretty powerful sound bite.
Fortunately, many in the technology community have stepped forward with well-reasoned arguments explaining why forcing U.S. companies to break their own encryption would make us less safe, not more. If you really care about the discussion, read this paper from July authored by a set of technology experts called “Keys Under Doormats.”
If that’s a bit detailed for you, I wrote a straightforward piece earlier this week outlining the arguments. But in essence, what I say in the video above is pretty simple. It someone can break the encyption, anyone can. If Apple can be forced to unlock phones by the Justice Department, Apple can be forced to unlock phones by the Chinese government, too. And there’s a high likelihood that criminals will eventually figure out how to use this backdoor. Encryption with a hole isn’t encryption any longer. Meanwhile, criminals will just use rogue encryption products. They’ll actually gain the upper hand.
It’s important to note that, after an initial flurry of stories blaming encryption for this attack, all evidence so far points to the Paris criminals using old-fashioned plain text and face-to-face conversations to communicate. (See this Techdirt.com piece.) Government back doors wouldn’t have stopped this attack. Better policing might have. French authorities have lamented that they already have to much information to deal with and not enough analysts. Inevitably, what we discover after each attack is that it could have been prevented, that the information needed to do so was already at hand — but it was missed.
Everyone wants technology to be a silver bullet and solve all our problems. Sadly, it won’t. It’s not magic. It’s often snake oil.
Here’s a thought experiment: Imagine if terrorist attacks led to outraged cries for more human resources to protect us.