Privacy and computer security are too important to be left to political meddling
And it shouldn't be a privilege handed out by governments
Register Debate Welcome to the latest Register Debate in which writers discuss technology topics, and you the reader choose the winning argument. The format is simple: we propose a motion, the arguments for the motion will run this Monday and Wednesday, and the arguments against on Tuesday and Thursday. During the week you can cast your vote on which side you support using the poll embedded below, choosing whether you're in favor or against the motion. The final score will be announced on Friday, revealing whether the for or against argument was most popular.
This week's motion is: In the digital age, we should not expect our communications to remain private.
Our second contributor debating AGAINST the motion is veteran security journalist John E. Dunn.
If the British government fails to persuade the tech titans to back away from implementing end-to-end encryption (E2EE) in messaging apps then its next tactic will be to try to mobilize public opinion against it by claiming the technology puts society in moral peril.
It's a new approach laid bare in a recent report that the Home Office commissioned an advertising agency to come up with a campaign to turn citizens against E2EE, specifically Facebook's decision to add the technology to Messenger by 2023. As ever, it's about protecting children.
"We have engaged M&C Saatchi to bring together the many organisations who share our concerns about the impact end-to-end encryption would have on our ability to keep children safe," commented a Home Office spokesperson.
The tactic is probably doomed. The public probably doesn't like the idea of abusers hiding behind encryption, but many folks are equally suspicious of the government's motives. The government, it seems, doesn't trust its citizens. Facebook, meanwhile, doesn't trust governments, fearing that by agreeing to create E2EE backdoors it risks becoming an arm of state surveillance. Ordinary citizens just wonder whether they should trust anyone.
The public probably doesn't like the idea of abusers hiding behind encryption, but many folks are equally suspicious of the government's motives
The problem with trust is that once it's gone, it's gone for good. Although most people trust governments in a general way, this can wear thin if pushed too far. This is especially true for privacy even if people are often complacent about how much of it they really have. Tell people you're taking it away and they'll feel a liberty has been taken. In a free society, privacy should be something citizens and businesses have some control over rather than a privilege handed out by governments on their terms.
The British government has yet to ask businesses what they think. Small businesses increasingly depend on E2EE apps that have emerged from consumer tech so the idea of official snooping on these apps could eventually become an issue. Enterprises, of course, don't use these apps but are increasingly nervous that E2EE is the thin edge of a wedge being driven into the idea of private business communications.
For enterprises, encryption is non-negotiable. You can't have secure communications and data some of the time. It's all or nothing. This is how encryption has been sold to them for decades – it creates absolute mathematical certainty that protects them from their rivals, from criminals, from nation states, and yes, from government interference. In many cases, this security is a regulatory and legal requirement.
In arguing to bypass E2EE, the British government appears to want to set itself up as the ultimate arbiter on where and when privacy and security should apply. Despite the moral arguments used to justify weakening encryption, this is the recourse of an authoritarian regime, ironic given UK and US antipathy to the oppressive mass surveillance carried out in countries such as Russia and China.
E2EE is the target today but it won't stop there
The benefits of backdooring E2EE are not only illusory but damaging. Criminals would continue their activities using different E2EE apps while ordinary citizens and businesses would be subjected to pointless surveillance. Trust in governments would decline. Hailed as a great advance it would be nothing of the sort, instead mere surveillance theater.
E2EE is the target today but it won't stop there. Other applications and perhaps broader uses of encryption will be next because criminals are probably hiding there too. Imagine living in a world in which governments control privacy and security.
This is not a world of greater security but eroding trust. Who is watching? You have no way of knowing. Nobody in their right mind would want to live in this world and for that reason I implore everyone to vote against this motion. ®
In a career of 30 years John E Dunn edited several dead tree computer magazines before specialising in cybersecurity in 2003 when he co-founded online title Techworld. These days he writes on the topic in numerous places because there is a lot to talk about.
Cast your vote below. We'll close the poll on Thursday night and publish the final result on Friday. You can track the debate's progress here.