Wednesday, July 24, 2019 [Tweets] [Favorites]

Attorney General William Barr on Encryption Policy

Bruce Schneier:

Yesterday, Attorney General William Barr gave a major speech on encryption policy -- what is commonly known as “going dark.” Speaking at Fordham University in New York, he admitted that adding backdoors decreases security but that it is worth it.

[…]

I think this is a major change in government position. Previously, the FBI, the Justice Department and so on had claimed that backdoors for law enforcement could be added without any loss of security. They maintained that technologists just need to figure out how: an approach we have derisively named “nerd harder.”

With this change, we can finally have a sensible policy conversation. Yes, adding a backdoor increases our collective security because it allows law enforcement to eavesdrop on the bad guys. But adding that backdoor also decreases our collective security because the bad guys can eavesdrop on everyone. This is exactly the policy debate we should be having not the fake one about whether or not we can have both security and surveillance.

That sounded encouraging. However, Barr also said (via Nick Heer):

We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement, without materially weakening the security provided by encryption.

If he’s only conceding a theoretical—not material—difference, I’m not sure how much of a change this really is.

Previously:

Update (2019-08-15): See also: Bruce Schneier.

3 Comments

Ghost Quartz

Encryption is only meaningful if the ciphertext is inaccessible without the corresponding key, and I should be the only person who decides who has that key. A system inherently lacks privacy if access to my personal information is out of my control. This debate is like asking for a bullet-proof vest that lets police officers’ bullets through. It’s not really bullet-proof if someone can still shoot you.

The whole "going dark" framing is dishonest to begin with. Things were always invisible to law enforcment until they took real sheps to make them visible. Conversations and postal letters were invsisible until the police bugged phones or intercepted mail. It's only with increased digitaliuation that there was even a chance for this data to be easily and universally visible to governments. Even with full, safe encryption, modern law enforcment has more visibility into this data than ever before in the history of humanity.

Nothing is going dark here, even with universal encryption, this is the most transparent time in history.

@Lukas, I think dishonest is an excellent adjective.

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment