Cryptography. We all use it; we all depend on it to keep us secure, to protect our privacy. It has come to be an integral and accepted part of our lives.
Less than twenty years ago, developing it was dangerous and exporting it was a crime. In fact, as late as 1992, it was classified on the U.S. Munitions List; its code was treated the same as nuclear material. But that time has passed, the era of fighting for the freedom of code and our right to write it. Bernstein v.United States recognized code as a form of free speech and helped to usher in an era of protection of those who write code. Programmers, tech nerds, and cryptographers alike won.
So why does this matter? We have cryptography everywhere. The 'S' in HTTPS stands for secure; many modern web pages take advantage of TLS (Transport Layer Security) which uses both public and private key cryptography to protect your information. Many phones the ability to encrypt their memory, making it near impossible for anyone to get its content from you without permission.
According to David Cameron, the British Prime Minister, we must not "allow a means of communication which it simply isn't possible to read." This attack on cryptography came soon after the Charlie Hebdo attack, and with fear of other attacks in Europe or the United States, an issue far beyond the scope of discussion here.
But wait, we shouldn't worry, after all the United States is sure to protect our privacy and our freedoms, right? Other than the fact that you should always worry about your rights, President Obama; the Director of the FBI, James Comey; the Director of the CIA, John Brennen; and the head of the NSA, Keith B. Alexander have lent their support to the issue, citing issues of terrorism, and multiple commissions in the House and Senate are exploring the issue of requiring back-doors in encryption. This is especially ironic when there is no evidence to support the necessity of backdoor. The revelations after Snowden's release only increased concerns that the government already has backdoor and already compromises security.
So why defend cryptography?
First, the United Nations says that strong encryption is key to freedom and an important human rights issue, with the United Nation's Office of the High Commissioner going so far as to say in a report:
"States should not restrict encryption and anonymity, which facilitate and often enable the rights to freedom of opinion and expression. Blanket prohibitions fail to be necessary and proportionate. States should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows. In addition, States should refrain from making the identification of users a condition for access to digital communications and online services and requiring SIM card registration for mobile users. Corporate actors should likewise consider their own policies that restrict encryption and anonymity (including through the use of pseudonyms). Court-ordered decryption, subject to domestic and international law, may only be permissible when it results from transparent and publicly accessible laws applied solely on a targeted, case-by-case basis to individuals (i.e., not to a mass of people) and subject to judicial warrant and the protection of due process rights of individuals."Yet even with this report, the United States continues in an attempt to gain backdoor access to algorithms. And what, you may ask, if it does make us safer?
Firstly, there is very little evidence to show that cryptography has ever prevented detection of a terrorist plot, nor is there any reason to believe that the NSA couldn't already break many forms of encryption based on the leaked documents.
If this is the case, why then is it still important to oppose back doors?
First is business. As much as I hate to admit it, business is a very important part of the United States. So what happens when it is compromised? People stop using it. This harms a fairly large sector of the market and also encourages businesses to leave the United States in favor of better conditions. If the U.S, were to completely ban backdoor encryption, it would only force all companies that wished to keep company secrets safe to leave. This applies especially to foreign companies, although there is no reason any company would trust the government with its information.
Secondly is precedent. Even if we want to ignore the United Nation's report on the necessity of secure encryption (including security from the government) on the basis of the U.S. already having "freedom," the U.S. sets a precedent that other countries follow. We can hardly expect other countries to do things that we ourselves won't do.
Third is privacy. Even if they can already crack the encryption, it is not easy. This means that they cannot engage in mass surveillance of encrypted matter, they have to pick where they target, decreasing the invasion of privacy, which several courts have ruled unconstitutional in the case of the NSA mass surveillance.
Fourth is defense. Even if we can successfully ban it, other countries won't, which means that terrorist groups that would use it otherwise would still be able to get their hands on it. This means that any risk of the above problems is a reason to oppose back-doors or any form of compromised security.
So how?
First you can stay informed about the issues of cryptography. The EFF has a lot of news about it as do many other groups.
Second, you can make your opinion heard, either through talking to/emailing your local congressperson, or through leaving a comment or signing the petition.
Third, you can learn how to use and use cryptography. This helps to familiarize yourself with it and also make it harder for the government to oppose cryptography. Also just in general cryptography is cool. There are some resources here.
Fourth, you could learn and implement cryptography or contribute to the community. By creating more (hopefully open source) implementations of encryption algorithms, it becomes harder to regulate and/or ban all implementations of them.
For reading on the history of the Crypto Wars.
The Electronic Frontier Foundation on security and the FBI's hypocrisy concerning encryption.
The issue of Paris as it pertains to Crypto as analyzed by Foreign Policy
