Certain governments want a backdoor to decrypt secure communications, for law enforcement and national security reasons. Not so fast!
The debate about giving governments access to encrypted communications is back in the spotlight. Earlier this month, governments in the UK, US, and Australia asked Facebook, in an open letter, to delay plans to bring end-to-end encryption to all of its messaging services.
The US Justice Department and its counterparts in Australia and Britain have long pushed for implementation of encryption ‘backdoors’ to technology platforms—in essence, a ‘key’ that governments can use to unlock encryption systems and therefore allow law enforcement access to private conversations.
At the centre of this complex discussion are the fundamental rights of those who use encrypted messaging services that can ensure privacy and safety in communication, and whether law enforcement should be given the ability to sidestep these rights. Strong encryption protects the messages of over a billion people daily, allowing law-abiding businesses and private citizens, including journalists and civil society advocates, to communicate privately and securely online.
The adoption of encryption technology has also protected individuals and companies against countless online security threats. From phishing and identity theft, to hackings that steals sensitive data and shut down computer networks, cybercrime is on the rise in Asia. In fact, cybercrime cost companies in Asia over US$80 billion in 2015, significantly higher than that of Europe or the US. There is an urgent need to strengthen cybersecurity, and end-to-end encryption is a core part of online security in this data-driven world. End-to-end encryption importantly means that even platforms themselves do not have access to user messages.
The option of providing governments with a ‘key’ to bypass encryption via a specially created ‘backdoor’, while simultaneously attempting to protect the safety and integrity of encrypted content, is technically impossible today. Many security experts have outlined the significant risks of creating encryption ‘backdoors’, some likening it to “leaving a key under the mat” for others to find. This means that if governments can circumvent encryption, so can any party with malicious intent and the technical ability to do so.
Also critical to note is that if encryption ‘backdoors’ are created, the ensuing security risks created cannot be solely restricted to specific individuals who are under surveillance by governments. The reality is that a ‘backdoor’ would impact each and every individual user of that technology service, thus risking the privacy of law-abiding citizens, as well as their legitimate right to communicate safely and securely without needless exposure to risk, or even potentially illegal surveillance.
The Asia Internet Coalition recognizes and respects the critical role of law enforcement in keeping society safe. However, we firmly believe in the importance of protecting the integrity and security of encrypted online communications services utilised by billions of users—including journalists, businesses, governments, and civil society advocates—around the world.
As governments in Asia develop their cybersecurity and privacy frameworks and policies in an increasingly digitized ecosystem, we strongly urge policy makers to reject the path adopted by the US, UK, and Australian governments of calling for encryption ‘backdoors’.
Instead, Asian governments should protect and encourage the development and use of secure communications tools and technologies. To that end, Industry is open to dialog about developing technical solutions that would not undermine the security of communications. As Asia’s technology sector grows in its influence and increasingly becomes a driver of innovation, it is critical that governments here step up and serve as global leaders on privacy and security issues.