You may have heard the quote from the futuristic, dystopian novel 1989 by George Orwell: “Big Brother is watching you.” Although the author was writing in 1949 about what to him was a distant future. In the story, he spins a yarn about how the government, Big Brother, abuses its power through mass surveillance.
Today, a debate not too far from this novel’s central theme rages on in the technology world: How far is too far when it comes to government access to encrypted information? The encryption backdoor debate questions whether it is reasonable for the government to have lawful access to people’s secured devices and messages.
What Is Encryption?
Encryption is when a message is scrambled with nonsensical symbols to make it impossible for anyone but the intended recipient to read. Encryption technology has been around for many years. Cryptography was used as early as 600 BC by Ancient Spartans to send secret messages in battle.
However, our modern use of data encryption has been around since around 1973. These encryptions were used for financial transactions and government messages. Data encryption comes in many forms and is much more commonplace in our everyday lives.
Most companies encrypt devices. There are also many ways for you to add encryption to your emails, instant messages, and servers to enhance your data security. When you encrypt a message, you are changing it from a readable format to a random series of plaintext nonsense.
Then, it travels to the recipient. The recipient will use their authentication keys to access the encrypted message, decrypting the content. Different types of encryption methods secure messages, devices, and applications. Most types use a combination of asymmetrical and symmetrical keys to get the message to the sender without it getting intercepted in between
End-to-end encryption (E2E) is considered the best way to make sure your content is safe. It scrambles the message into random characters as you send it, and it remains encrypted during transit. It can only be decrypted by someone who has the proper keys once it has arrived.
Encryption is used to keep sensitive information from prying eyes. Without encryption, it is easy for cybercriminals to hack into your messaging app and steal data. So, if you are sending emails or instant messages with personally identifiable information (PII), you may want to consider learning more about encrypting your emails to increase your cybersecurity.
What Is a Backdoor Protocol
A backdoor protocol is a method of bypassing the normal authentication procedures to access an encrypted message. This is applied to messaging applications, but it can also refer to operating systems on devices The protocol is a code embedded into the program’s encryption algorithm, software, or hardware.
This code allows someone to access the encrypted information without logging in and authenticating the message properly. A backdoor can be made on purpose, or it can be an accidental vulnerability. Either way, these backdoors can be used to access encrypted messages, leaving them weak to skilled cyber criminals.
Why Do Backdoor Protocols Exist?
You may be wondering why someone would intentionally put a backdoor into a program. It may seem like an invasion of privacy, but not all backdoors are meant for spying. Backdoors help with troubleshooting. They are also put into place while software developers are creating the application.
This allows them to enter and exit the application more easily as they build the app. However, if the developer forgets to delete these backdoors, they can end up leaving the applications vulnerable to hackers, resulting in data breaches.
Another reason that backdoor protocols exist is to deal with criminality. Governments and law enforcement use built-in backdoors to investigate crimes such as terrorism, child sexual abuse, and other cybercrimes.
The Encryption Backdoor Debate
In 2014, Apple launched a new security feature that encrypted communications by default on Apple products. Strong encryption forces a public debate that is ongoing today. The debate centers around whether law enforcement agencies should be allowed access to cryptographically protected devices such as cell phones to access data concerning crimes.
For example, in the case of the 2015 San Bernardino shooting, the FBI tried to force Apple to produce a more insecure version of its operating system. They wanted Apple to create a backdoor for their iOS 7 and older operating systems to assist in their criminal investigation.
The perpetrators of the shooting had a work phone the Department of Justice was interested in. The only problem was that this phone was set to destroy all its data after 10 failed attempts at the passcode. This is a standard anti-theft measure on smartphones meant to keep people from taking over a phone by typing in passcodes randomly until they unlock the device.
The FBI claimed they only wanted this backdoor created for law enforcement access. But, by creating this vulnerability, Apple would be risking the security of millions of users. However, this simple request, although easy to comply with, has larger implications for tech companies and governments around the world.
This one-time backdoor not only makes it easier for malicious actors to hack and steal people’s personal data, but it also gives the government unlimited access to monitor people. That backdoor would give the government the ability to unlock any phones using these older operating systems without knowing the passcodes.
In addition, if the government were granted the ability to force Apple and other technology companies to create these backdoors for older operating systems, this would set a precedent for forcing this type of backdoor on all encrypted devices and applications.
This loophole is one of the major reasons for the ongoing debate. Many people consider this access an overreach of the government and law enforcement’s power. Yet, in 2015, Apple refused to create the software. The FBI scheduled a court hearing, but before the hearing began the FBI withdrew their request, citing a third party who was able to get them access to the secured phone they needed.
However, this debate resurfaced in 2016 when the government compelled Apple to unlock an iPhone in a case in Brooklyn, New York. They invoked the American All Writs Act, which states: “Courts may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”
In other words, the courts may command others to act or not act in the name of the law. The judge ruled against the US government in this case. Though these court proceedings have yet to carry out any new standards for technology companies and government-mandated backdoors, it is obvious that the government desires to have access to encrypted devices.
In fact, in 2022, the bill EARN IT Act was passed which is a compromise requiring companies to report instances of child pornography or sexual abuse material, develop means to detect and reduce these crimes, and turn over the data related to these crimes to law enforcement.
However, is it right, even in the name of justice, to allow the government such free access to secure devices?
Encryption Backdoor Pros and Cons
As the encryption debate is ongoing, it is important to think about the pros and cons of encryption backdoors. Not all uses for this access are malevolent. There are benefits to having these types of protocols, but there are also problems with them.
Pros
#1 Protects National Security
The most obvious benefit of having backdoor protocols available for government access is to protect national security. If the government suspects an impending terrorist attack, it could gain access to encrypted communications to investigate when and where terrorists may act.
Intelligence agencies could even save lives and protect citizens by apprehending these criminals through the data they gather.
#2 Aids in Investigations
Another obvious reason lawmakers want backdoor access is to protect children from predators. Other crimes such as murder and mass shootings might be prevented if government agencies were allowed to survey people’s devices.
Also, after a crime is committed, law enforcement could use information gained through access to suspects’ devices to convict them and bring justice to horrible crimes.
#3 Some Backdoors Are Necessary
Aside from government use, backdoors can also be helpful for companies to troubleshoot issues. If a user gets locked out of their own devices when it is encrypted, these backdoors can help them gain access. Other backdoors are necessary to fight certain crimes, such as child pornography. Law enforcement needs access to information on applications and devices to protect children from criminals.
Cons
#1 It is Spying
No matter how you frame it, having backdoor access to people’s devices and encrypted messages is an invasion of privacy. Even if this access is only used by the good guys, there is no guarantee that it would be used completely for good reasons.
Privacy advocates believe that if government agencies have access to this type of spying, it leaves the door open for people to abuse this power. There is even some reason to believe that agencies like the NSA may underhandedly install backdoors into programs without letting the public know
#2 It Compromises Public Safet
Many people may argue that if you are not doing anything suspicious, you have nothing to hide. But, even if you are completely on the right side of the law, you have personal data you want to protect. Just because you are doing what is right, doesn’t mean that others are. User data contains a lot of information that criminals can use to steal from or manipulate a person.
These backdoors leave an opening for hackers to access and steal this data. Then, they can use it for nefarious reasons. These vulnerabilities also put your devices at risk of being infected with ransomware, further compromising you and your company’s data.
#3 It’s a Human Rights Issue
Additionally, placing these backdoors into encrypted data is a violation of human rights. People have the right to privacy. When you give government surveillance rights, this could easily become problematic. Surveillance is a way many regimes keep the truth from their people. It is also a way they manipulate and restrict what people can do.
What Does the Future Hold?
Encryption is becoming more of a commonality. It protects users against cybercriminals and keeps personal data secure. With bills such as the 2022 EARN IT Act, it’s clear that the US government and technology companies will have to strike a balance between allowing law enforcement to access data for investigations and protecting users’ privacy.
For Encryption You Can Trust
If you are looking for an encrypted Swiss-hosted email, VPN, and instant messaging provider, consider Sekur. We are a 100% private platform free from big tech hosting. With Sekur, you can communicate privately and securely even with non-Sekur users. We also do not data mine.
Our multi-layered 2048-bit encrypted tunnel uses HeliX technology to keep your communications safe. All communications happen on our Swiss servers only. We provide Sekur Mail to send encrypted emails with unlimited attachment sizes while monitoring your email activity.
We also have a high-speed VPN server with unlimited data so you can navigate securely while protecting your IP address. We also have a Sekur Messenger which provides fully private instant chats with no hidden storage. These end-to-end encrypted chats self-destruct across all devices.
Regain your privacy. Join Sekur today!
Conclusion
Security is a pressing issue, which is why the encryption backdoor debate is still relevant today. There is so much to consider about our online privacy and the protection of our personal data as more services are conducted online.
People will continue to redefine privacy and privacy rights in the years to come. It is important as users to make sure we do all we can to make our voices heard in these debates, and to take precautions to protect our own messages and devices going forward.
Seek out companies that prioritize your security. Use encryption to add another layer of protection and be sure to research companies to see how they handle your data.