Only the Bad Guys Will Use Encryption
Terrorism is bad, but losing our privacy would be worse.
This morning, Tim Cook, CEO of Apple, posted an open letter to Apple users. In the letter, he explained that the FBI has successfully obtained a court order compelling Apple to decrypt the iPhone of one of the suspects in last year’s San Bernardino shooting. The authorities’ actions in attempting to force Apple to circumvent (and effectively, to destroy) the encryption built into its devices is unprecedented, will certainly have disastrous unintended consequences, and must not stand.
Since the release of iOS 8 in 2014, all iPhones, iPads, and other devices based on iOS have included encryption software by default. If you have enabled the passcode lock on your iPhone, you have also turned on the phone’s built-in encryption. In so doing, you have electronically scrambled and encoded the contents of the phone. This makes it virtually impossible for anyone, be it a hacker, thief, or even a government official, to access your device without your consent. (If you haven’t turned on the passcode lock, stop reading and do it now.)
Apple, and other technology companies, include encryption in their products for the sole purpose of protecting our privacy. By blocking access to our devices by unauthorized parties (including Apple itself), the company assures its users that their personal information is theirs alone. The import of locking down our mobile device data is obvious, especially in light of the prevalence of smartphones in the modern world. Would you want criminals having access to your location, phone calls, emails and texts, and passwords? Without effective mobile encryption, that would be a very real possibility.
The FBI has taken the position that Apple should create and insert an encryption “backdoor” into their products. The proposed backdoor would circumvent devices’ encryption and allow police to decode the data on them. The FBI’s hopelessly naive dream is that the only ones with access to the backdoor would be law enforcement. They liken it to the process by which authorities can obtain wiretap warrants and listen in on criminals’ phone calls. The FBI’s analogy is specious, however. Traditional wiretaps are very limited in scope, and do not potentially expose everyone’s calls to everyone else. If criminals know that Apple has created a backdoor for law enforcement, I guarantee that they will figure out a way to exploit it and use it to steal data and commit crimes. So rather than having the police conduct limited monitoring of a criminal’s phone calls, we’ll have hackers watching everything we all do on our phones.
A better real-world comparison would be to the luggage lock program instituted by the Transportation Safety Administration (TSA) a few years ago. The TSA requires a similar backdoor in luggage locks in the form of a master key that will open all TSA-approved locks. Last year, however, the TSA was forced to acknowledge that due to a monumental blunder on its part, the patterns for its master keys had been made public and anyone in the world could easily reproduce them. Their approved locks therefore offer no meaningful security, completely defeating the purpose of using them.
The FBI almost certainly has better security procedures in place than does the TSA, and might be able to keep a lid on this kind of backdoor for a bit longer. But there is simply no way that hackers will not eventually steal or reverse-engineer the keys to the kingdom. When they do, the intimate personal information of hundreds of millions of people will be free for the taking. Meanwhile, criminals will still use other forms of encryption not containing backdoors, which have and will continue to exist. All that will be accomplished will be to erode one of the few remaining sources of privacy in the digital age.
Ultimately, this issue comes down to a balancing test between privacy and security. The FBI seems to think that Americans don’t care about their privacy, and will stand idly by while it is sacrificed in the name of security. I hope that we will instead remember the words of one of my favorite Founding Fathers, Benjamin Franklin:
[T]hose who would give up essential liberty to purchase a little temporary safety deserve neither liberty nor safety.
If we permit the government to weaken electronic security out of paranoia and fear, we will create a lose-lose scenario. Criminals will still use encryption to evade law enforcement, and average people will be exposed to a nightmarish panoply of hacks and data thefts. We must stand with Apple, Google, Microsoft, and the multitude of other technology companies opposed to encryption backdoors. Because the alternative — losing what remains of our privacy — will surely be worse than any act of terrorism.
