In October, FBI Director James Comey gave a speech arguing that “going dark” — that is, implementing encryption on platforms like Android and iOS — is a public safety hazard, and the government should have encryption key access (a back door). Understandably, the comments started a discussion about the very nature of encryption: should the government have a back door to access your data, or do users have every right to go dark?
FBI: The Case Against Going Dark
Comey’s argument is simple: while going dark might seem like a smart move for the individual consumer, it presents a unique problem for law enforcement. What happens if there were encrypted data on a phone that the FBI could not access, even with a valid search warrant?
Previously, if law enforcement obtained a warrant, it was entirely likely that they would then have all the power they’d need to access potential evidence on someone’s cell phone. After all, encryption was not something easy to use, or readily available to the average consumer. In the post-Snowden era, however, there are several encryption tools available for users who see going dark as a way to protect their data from prying eyes.
Comey understands that most people really have nothing to hide from law enforcement — they just don’t want uninvited onlookers to access their private information — but he worries that the day is coming where impenetrable encryption will allow a criminal to walk, or for innocent people to get hurt.
How Encryption Casts Shadows
Data encryption works by using a cipher to make data unintelligible to those without a key to read it. Modern encryption uses incredibly complicated ciphers to encrypt data. How complicated? As most forms of digital encryption are based on the Advanced Encryption Standard (AES), there are a potential 340 trillion, trillion, trillion different combinations. Even if you had access to the fastest supercomputer on the planet, it wouldn’t be able to crack into a document encrypted with a cipher that strong.
If the FBI wanted to get into a criminal’s phone that had its data encrypted, or if they wanted to listen in on an encrypted connection, they would need those keys. While some might suggest that they could just brute force their way in, there isn’t a computer powerful enough for the job. For the moment, a back door is the only way.
In Defense of Encryption: The Case for Going Dark
Only a few years ago, going dark might have seemed like an overreaction, something only the most paranoid and tech-savvy users might consider. Yet, in a post-Snowden, post-Sony hack era of security, everyone is worried about who can see their data. While it’s unlikely that most of us will ever find ourselves on the wrong side of an FBI subpoena, it is still unnerving to think that someone, however well-meaning, could potentially see your data.
Sure, the government probably doesn’t want to see your legendary apple pie recipe, or your collection of cute animal pictures, but why trust them if you don’t have to?
Even the FBI Likes Encryption
It’s worth mentioning that even the FBI’s website recommends encryption on cell phones: “[Encryption] can be used to protect the user’s personal data in the case of loss or theft.” After all, cellphones are no longer just devices used for communication. We store our entire lives on phones, from pictures, to notes, to sensitive work data.
While going dark is popular partially because of fears of surveillance, it is also popular because of users’ fears that their data could fall into malicious hands. Going dark protects your data not only against surveillance, but also against hackers. While the government might not like that Apple and Google are allowing their users to go dark, the end result is a more secure experience for everyone. Yes, there is the threat that criminals might go dark as well, but that threat is nowhere near as scary as a thief getting hold of the backdoor to your encrypted data.
The Right to Privacy
Virtru was founded on the belief that everyone has a right to keep their digital content private and secure, and that it should be easy and convenient to do so. That’s why Virtru works seamlessly with your existing email service to provide client-side email encryption. In addition, we are committed to fight secrecy orders, non-targeted or “bulk” orders and orders for encryption keys based on any standard less than probable cause.
If you feel, as we do, that you have a right to go dark, download Virtru today and see how easy it is to protect your email privacy.