[Commentary] – This morning I watched a commentary by Hemu Nigam of SSP Blue on CNN in which he suggested that we should ban encrypted communication so security agencies can monitor all communications to protect us and our families from another attack like the ones in Paris last Friday. This came up, because of reports out of the Paris attacks investigation that the attackers hid their communications through encrypted messaging apps.
The point Nigam is making may seem logical at first glance, but is it really the right approach? What implications would this have for people and businesses?
To be honest we had the same debate in January after the Charlie Hebdo attack. The attempt was made by european governments and security agencies to implement the “right for decryption” as part of investigations. The protests rose quickly and as a result the attempted “right for decryption” found no footing.
As Nigam you might ask: Are our lives and the lives of our children worth the risk? – Definitely not, but implementing such measures or getting rid of encrypted communications in general are no permanent solution. Why? – Means of hidden communication are older then the Internet or the Telephone. Like spies in the 1960s terrorists would use tactics like dead letter boxes and couriers for communication. Those also might have been used for planning and executing the Paris attacks. As a commentator said during the coverage of the Paris attacks the terrorists have the time to get things “right”, but our security agencies don’t. Therefore for them communication not being instantaneous is no problem.
As a result the measures discussed won’t prevent an attack, they may delay it. So what would be the draw backs of putting a ban on encrypted communication or implementing a backdoor for implementing the “right for decryption”?
Lets start with the easiest the “right for decryption”: As you can imagine leaving a backdoor open to decrypt data for security agencies poses the risk that crackers make use of it. Therefore the encryption would be useless.
Which leads us to the ban on encrypted communications: Cracker are at work for companies and governments alike to obtain state and business secrets. Attacks like the prominent Sony Hack are getting more and more frequent – and all of this is already taking place while encrypted communication is being used.
Without encrypted communication every high school kid could get access to information of every person on earth with no special knowladge, using only tools that are freely available today.
The same would apply to business secrets of companies. The only permanent solution would be to take the company offline, which in our modern connected world would be a death sentence for a lot of businesses.
This would leave the world economy in turmoil. Which would be exactly what terrorist groups are looking for. So is this really what we want? Ruin our economy and play into their cards? – I don’t think so.
I can understand poeples fear and that they would like to see actions taken, but this does not mean that we should rush to conclusions and measures which at the end hurt us more than all the terrorist attacks.