Go to the profile of Emad Heydari Beni
Emad Heydari Beni
I am a researcher in computer science at KU Leuven. Opinions are my own.

Full privacy and girls for sale: the encryption dilemma

A girl for sale: “Virgin, beautiful, 12 years old …. Her price has reached $12,500 and she will be sold soon”. That was an advertisement in Arabic on the encrypted Telegram App. Apparently, it was shared by an activist minority of Yazidi community.

The Associated Press

At this point any sensible person’s reaction would tend to be: “Shouldn’t we ban secure, content-encrypting messaging applications?”

When I read this headline for the first time, I was really shocked. It’s really hard to hear that there are databases of 3,000 women that can be sold as sex slaves. I don’t have any detailed information about this people and what they have been through, but obviously these things in the 21st century are absolutely sad, disgusting and unacceptable.

Shame on those human beings! But slavery has been around for centuries, so what’s new here?

Technology is.

The “fusion of barbaric practices and modern technologies

Did you know that Messaging applications like Telegram and WhatsApp are reliable places for groups like ISIS to buy/sell weapons, tactical gears and, of course, young girls?

Given the recent events, the first thing crossing our mind is that we should somehow shut these messaging applications down.

Unfortunately that’s not a viable solution. These apps have changed the way we used to communicate with each other comparing to traditional mobile phones. Simply shutting them down would also mean to take back those tools from persons using it in a totally legitimate and harmless way.

Lowering the security!

The second thought might be lowering the security. This means lowering the quality of security constraints, features, countermeasures, … in order to enable intelligence agencies to intercept communications or access mobile phones, perhaps remotely.

Most notably, there have been talks of lowering the strength of the encryption these applications use to apply “End-to-End encryption”: one of the key reasons that enables ISIS to perform their barbaric practices regarding sex slavery.

But again, this is a double-edged tactic. In short: if an agency, even well-meaning, can spy on a population’s messages, then there’s a good chance others can too. And that’s including hackers that would be part of, or working for terrorist groups.

To put it in another way: an electric power plant’s employee sends the main access codes to his colleague through encrypted messaging or email. An intelligence agency can now see the codes. But so can a hacker working for some terrorist bastards. Guess what could happen next!

(hint: think “weeks-long blackouts” and a serious hit on a country’s economy)

So what should we do?

What Lamiya Aji Bashar and others have been through are catastrophic incidents implying serious violations of human rights, yet compromising the security of a software application (must notably Messaging apps) is as dangerous to terrorists as it is to us.

On one hand we may gain access to ISIS conversations and get some tactical information about their activities, on the other hand we endanger the privacy of the entire world and expose our own tactical, sensitive information. Imagine that: how easy would it become for a government to spy on another? Just a matter of hiring the right hackers…

But let’s assume for a moment that there are no hackers and that a coalition of governments pulls it off: encryption impenetrable to all but a few selected ones, whose task is to intercept and verify communications. Who would have the keys to read encrypted messages? Would it be United States? European Union? Russia? Iran? China?

How to reach a consensus on a global scale? Most likely we would end up having lots of local messaging applications for different regions because no country or government would trust the others.

The Internet screams for safety and security!

At its core the Internet is there to make people all around the world connected to each other; to share ideas:

“We are all now connected by the Internet, like neurons in a giant brains” (Stephen Hawking)
“The Internet could be a very positive step towards education, organisation and participation in a meaningful way” (Noam Chomsky)

And today the Internet is everywhere: from our mobile phones to our TV’s in our living rooms. The first bit of education and democracy is having conversation with our own kind. Keeping people apart from each other destroys the unity of future generations.

In order to preserve that, the Internet in general (and Messaging/Email applications in particular) needs to be safe, private and secure.

We need a safer Internet for ourselves, our kids, and all future generations.

The Internet screams for safety and security!

Knowing that “brownfield applications” are those that are designed and developed in pre-Snowden era, and “greenfield applications” are those architectured in post-Snowden era with extra privacy attention, the recent evolutions towards this end are:

As part of Seeld’s core developers’ team, we face this kind of dilemmas everyday. We strive to improve the privacy of our daily life communications and of course raise awareness of such issues. But that also means we contribute (along with others) in shifting the issue of terrorism prevention: other means than communications’ surveillance will have to be found.

Lamiya Aji Bashar suffered slavery in the 21st century, which is unacceptable. The problem is: the options considered today put the privacy and lives of 7 billion humans at risk.

It is therefore essential to find other ways to stop terrorism, ones that would not imply weakening our communications’ security.

Read the full story about Lamiya at The Associated Press.

(Authors: Emad Heydari Beni and Diego Pappalardo)