Around a million years ago (it feels like), but actually 9 months ago, I delivered a brief talk on end-to-end encryption for the European Internet Forum at the European Parliament.
Because of my new job, I will soon no longer be able to opine on these things as easily. Given the upheaval caused this week by the end-to-end encryption paper from the Council of the European Union, I thought it timely to re-up my little speech now.
If you can spare 9 minutes, I recommend watching the video.
To make life easier, I’ve used the astoundingly great otter.ai transcription service to produce this lightly edited transcript.
So thank you for inviting me here. And we’ll try to keep this brief. So who am I? Why am I here? I spent about half of my career working on open source software, privacy, enhancing strong encryption; I spent the other half working for law enforcement and intelligence agencies and selling stuff to them.
As you can imagine, this leads to some conflicts among my friends, and sometimes even among myself. And you will notice this in my presentation, because if I do my job right, this presentation will upset everyone, just not the same people at the same time.
First, I want to talk a little bit about backdoored encryption. And I don’t know, actually, who is proposing that. I tried looking up who came up with it, and we only see a little bit from the UK Government.
It has never worked.
And let me add one concrete example of how it’s backfired spectacularly. When the GSM protocol was developed, the Berlin Wall was still a thing. And we needed the GSM encryption to be good enough to keep the Russians out.
So strong encryption was designed, because there were all kinds of receivers around Berlin listening in on West Germans, and they did not want that. So they designed the strength of the GSM encryption protocol to be good enough to keep out the Russians.
And then at some point, someone from the US came along and said “you need to make the encryption 1000 times weaker”. And that’s what happened. And that put the encryption level of GSM at the point where the NSA could decrypt it, and the rest of the world could not. And they got it right. We know that they got it right; they calibrated it correctly.
The problem is, in 2020, GSM is still here. And my PlayStation could probably now decrypt it, because we are still faced with that backdoored encryption from the Berlin Wall era. So it never works.
So I should now have upset half of you. I will start working on the other half now.
One story I’d like to mention is, if you do backdoored encryption, who gets the real encryption? Is there a board that decides who gets the non-backdoored encryption?
In my family, we have a typewriter that belonged to my grandfather. And it was a licensed typewriter for official company use during the Second World War, because typewriters were a means of resistance. My grandfather was allowed to have one for his administration. So apparently there was a typewriter licensing bureau.
If we mandate backdoored encryption, I mean, I assume all of you want an exception to this rule? And it’s going to be a very strange situation, because you might not get it!
This is where it gets tricky. We’ve heard two previous speakers argue basically that the police should leave the Internet, and, in general, should leave communications.
So every communication should be as private as communication in your own house. That’s a wonderful thing. Even the European Convention on Human Rights, Article 8, which enshrines our right to privacy, says there actually are limits to privacy.
And if we argue for a world in which we say, look, everything needs to be private all the time for everyone, no exceptions, we will not have a just and functioning society.
And it’s disingenuous to stand here and say, the police should just do their work in bars and pubs and other places like they used to, whereas the whole world has now moved to digital.
So there is a matter of balance. So where is the balance? According to police forces, the balance is where every communication is easily available with no undue delay, and cheaply, by the way. So we want to get access to all data. And quickly, and no one must ever be able to evade surveillance.
That is really what police people would want, because it would make their life super easy. Solving crimes that way is like life on easy mode. I mean, it’s almost as easy that way as if you were Google.
Because if you look at the data hoard that companies like Google and Facebook have, they could probably solve most crimes on their own, simply because they know where everyone was all the time, where they buy things, who they talk to, the contents of their communications.
If you had the sort of God’s-eye view that Google has, you could probably solve most crimes in an afternoon!
That’s also not good, by the way.
So there is a balance, and the balance is good when police and law enforcement have sufficient access to communications that society is happy with the results.
Society might not be happy if trivial crimes become unsolvable, because we simply say sorry, we try to do investigations, but everything is encrypted. There’s nothing we can do. That’s not something society will accept.
At the same time, we should also not accept that it should be super easy to access all communications all the time.
Now, we’ve been here before. In 2003, a company called Skype was launched. And Skype came from very gifted Estonians, Ukrainians and Kazakhs. And they were quite wonderful. They were hiding out in a small office in Amsterdam. I visited them; some of their guys also slept there.
They built a communication platform that was not only fully end-to-end encrypted, it also had no metadata. Oh, and they also did not respond to law enforcement requests. So they created a complete black hole for law enforcement; you could not serve a warrant on them.
If you looked at the traffic, you could not see who was communicating with whom; in fact, it was pretty difficult to figure out that someone was even using Skype. This was 2003. By 2005, Skype had 40 million users, and law enforcement was in a blind panic.
Because this was the nightmare for everyone. Unreadable communications, no metadata, nothing. In 2005, Skype was acquired by eBay, in a very strange move, for many, many billions. And later through Edward Snowden, we learned that that acquisition had a remarkable effect on the privacy operations of Skype.
We live in a Golden Age of Law Enforcement.
Now, I realize this is strange to say, because it might sound like some kind of emergency is happening. But rarely has more information been available than now. If you manage to get your hands on it, the big cloud providers have all the answers.
Back when I was in active law enforcement, we needed to actually put a beacon in your car to figure out where you were. Now you can just ask; it’s very nice.
So actually, law enforcement does not have it that badly right now. Law enforcement has always complained about new technology, whenever something new gets invented, they have always complained.
I looked up an example: when the car was invented. And indeed, when the car was invented, the police said, this is a big problem, because [criminals] will outrun our horses now.
And then they tried to regulate cars. So the natural response of law enforcement to new technology is to say, look, it’s going to change the way we work, and we don’t want that. And actually, from their perspective, I see where they’re coming from.
The big change we’re seeing now, and that’s why people are so worried and coming up with proposals like backdoored encryption, is that good encryption is becoming the out-of-the-box default.
Until 1990 good encryption was scarce, and it was also frankly illegal. After 1990 good encryption became available, but it was terrifically difficult to use. Everyone messed it up, law enforcement themselves messed it up. It was very difficult to get right. But now we are living in an era where good encryption is becoming a standard.
Just like back when Skype came around, you don’t need to do anything to encrypt your WhatsApp messages. They are just encrypted out of the box. And the reason why people are in such a panic is that they see a future ahead of themselves where every communication is fully encrypted all the time.
And that would deliver the dream of some people that the police can get out of the internet. But law enforcement sees it as a challenge to them doing their job.
In seven minutes, or nine by now, I know I cannot settle the debate. It would probably take nine days!
But I hope that in this little talk I have challenged some of your assumptions about why encryption is bad or good.
And I would argue strongly that whenever someone argues for backdoored encryption, ask them for specific details. So how does it work? Who is proposing that? Could you write down how that would work?
Because as long as we’re just sitting here telling each other how terrible backdoored encryption is, no progress is being made.
And any real solution always has to keep in mind the much vaunted Article 8 of the European Convention on Human Rights.
How do we balance privacy with the rule of law?