Privacy, Liberty & Encryption

David Cameron

It is unfortunate, that in the aftermath of the Charlie Hebdo murders and hate crimes in France, rallying cries for freedom of speech were twisted to interpret “free” speech as the opposite of “private” speech.  A few weeks ago, British Prime Minister David Cameron spoke out, radically saying that “we must not allow terrorists safe space to communicate with each other," going on to suggest that there should be no means of communication which the government cannot read.  I'm in no way sympathetic to extremists or rebels who leverage privacy to plan nefarious and destructive acts, but I am certainly sympathetic to all of the innocent, law-abiding citizens whose civil rights would be trampled by such a policy.

It was just a few short months ago that certain US government officials cried foul when Apple solidified their encryption capabilities to the point that consumer data could not be deciphered, even under federal subpoena.  As Matthew Green wrote on Slate.com at the time, “Designing backdoors is easy. The challenge is in designing backdoors that only the right people can get through. In order to maintain its access to your phone, Apple would need a backdoor that allowed them to execute legitimate law enforcement requests, while locking hackers and well-resourced foreign intelligence services out.”  For this, among a myriad of other reasons, Apple relieved themselves of the headache and built the ‘Secure Enclave’ instead.  Individual iPhones encrypt extended data using a unique key, mathematically derived by combining their passcode with a set of secret numbers that are built into the phone.  Tim Cook himself couldn’t decrypt it without the user’s passcode and physical access to the device.  By extension, Apple is now rid of thousands of subpoena requests and pressure from a variety of global governments.

Despite the claims that law enforcement's hands would be tied by this development in time sensitive situations such as kidnapping cases, Bruce Schneier asserted in a CNN editorial that “of the 3,576 major offenses for which warrants were granted for communications interception in 2013, exactly one involved kidnapping.”  So much for that theoretical importance of maintaining access to user phones.  More importantly, Schneier points out that phone data “can no longer be accessed by criminals, governments, or rogue employees. Access to it can no longer be demanded by totalitarian governments.”

This is another complication.  Even if the FBI and other US law enforcement agencies were the absolute pinnacle of tech-fueled crime-fighting and the removal of communication intercepts truly shackled their efforts... at least it closes the door to other, more suspect governments.  Apple, Samsung and others can’t really play international favorites, after all.  If they were able to, and willing to, provide backdoor access to the USA, they would have obligations to North Korea as well.

Apple washed their hands of the encryption problem by abdicating their role as a middle man and gatekeeper, and the internet didn’t break.  Law enforcement and other agencies seem to still be solving crimes, even without their former favorite toy.  Possibly most important, the ship has sailed, before another government flexes their muscles.  Just like Iran banned WhatsApp.  Just like India forced Blackberry to provide a law enforcement backdoor.  The UK has long been a supporter of citizens rights and privacy.  Thankfully, Apple ended this conversation long before the Prime Minister’s kneejerk reaction, wishing out loud for a technology-driven vaccination from terrorism.  We can only hope that other phone manufacturers follow suit quickly.

I sympathize with the victims in France.  I understand the sentiments of David Cameron.  But now, more than ever, it is crucial that we protect our liberty by protecting our privacy.  If we are forced to sacrifice our rights, we have already lost the war.