SAN FRANCISCO A Justice Department official hinted on Monday that a yearslong fight over encrypted communications could become part of a sweeping investigation of big tech companies.
While a department spokesman declined to discuss specifics, a speech Monday by the deputy attorney general, Jeffrey A. Rosen, pointed toward heightened interest in technology called end-to-end encryption, which makes it nearly impossible for law enforcement and spy agencies to get access to peoples digital communications.
Law enforcement and technologists have been arguing over encryption controls for more than two decades. On one side are privacy advocates and tech bosses like Apples chief executive, Timothy D. Cook, who believe people should be able to have online communications free of snooping. On the other side are law enforcement and some lawmakers, who believe tough encryption makes it impossible to track child predators, terrorists and other criminals.
Attorney General William P. Barr, joined by his British and Australian counterparts, recently pressed Facebooks chief executive, Mark Zuckerberg, to abandon plans to embed end-to-end encryption in services like Messenger and Instagram. WhatsApp, which is owned by Facebook, already provides that tougher encryption.
Companies should not deliberately design their systems to preclude any form of access to content even for preventing or investigating the most serious crimes, Mr. Barr wrote in a letter last month.
Here is an explanation of the technology and the stakes.
End-to-end encryption scrambles messages in such a way that they can be deciphered only by the sender and the intended recipient. As the label implies, end-to-end encryption takes place on either end of a communication. A message is encrypted on a senders device, sent to the recipients device in an unreadable format, then decoded for the recipient.
There are several ways to do this, but the most popular works like this: A program on your device mathematically generates two cryptographic keys a public key and a private key.
The public key can be shared with anyone who wants to encrypt a message to you. The private key, or secret key, decrypts messages sent to you and never leaves your device. Think of it as a locked mailbox. Anyone with a public key can put something in your box and lock it, but only you have the private key to unlock it.
A more common form of encryption, known as transport layer encryption, relies on a third party, like a tech company, to encrypt messages as they move across the web.
With this type of encryption, law enforcement and intelligence agencies can get access to encrypted messages by presenting technology companies with a warrant or national security letter. The sender and recipient would not have to know about it.
End-to-end encryption ensures that no one can eavesdrop on the contents of a message while it is in transit. It forces spies or snoops to go directly to the sender or recipient to read the content of the encrypted message. Or they must hack directly into the senders or recipients device, something that can be harder to do at scale and makes mass surveillance much more difficult.
Privacy activists, libertarians, security experts and human rights activists argue that end-to-end encryption steers governments away from mass surveillance and toward a more targeted, constitutional form of intelligence gathering. But intelligence and law enforcement agencies argue that end-to-end encryption makes it much harder to track terrorists, pedophiles and human traffickers.
When Mr. Zuckerberg announced in March that Facebook would move all three of its messaging services to end-to-end encryption, he acknowledged the risk it presented for truly terrible things like child exploitation.
Encryption is a powerful tool for privacy, but that includes the privacy of people doing bad things, he said.
The debate over end-to-end encryption has had several iterations, beginning in the 1990s with the spread of Pretty Good Privacy, or PGP, software, an end-to-end encryption scheme designed by a programmer named Phil Zimmermann. As a result, the Clinton administration proposed a Clipper Chip, a back door for law enforcement and security agencies.
But the Clipper Chip provoked a backlash from a coalition of unlikely bedfellows, including the American Civil Liberties Union; the televangelist Pat Robertson; and Senators John Kerry, the Massachusetts Democrat, and John Ashcroft, the Missouri Republican. The White House backed down in 1996.
End-to-end encryption gained more traction in 2013, after data leaked by the former National Security Agency contractor Edward J. Snowden appeared to show the extent to which the N.S.A. and other intelligence and law enforcement agencies were gaining access to users communications through companies like Yahoo, Microsoft, Google and Facebook without their knowledge.
Encrypted messaging apps like Signal and Wicker gained in popularity, and tech giants like Apple and Facebook started wrapping user data in end-to-end encryption.
Google, which pledged to add an end-to-end encryption option for Gmail users several years ago, has not made this the default option for email. But the company does offer a video-calling app, Duo, that is end-to-end encrypted.
As more communications moved to these end-to-end encrypted services, law enforcement and intelligence services around the world started to complain about datas going dark.
Government agencies have tried to force technology companies to roll back end-to-end encryption, or build back doors, like the Clipper Chip of the 1990s, into their encrypted products to facilitate government surveillance.
In the most aggressive of these efforts, the F.B.I. tried in 2016 to compel Apple in federal court to unlock the iPhone of one of the attackers in the 2015 mass shooting in San Bernardino, Calif.
Mr. Cook of Apple called the F.B.I.s effort the software equivalent of cancer. He said complying with the request would open the door to more invasive government interception down the road.
Maybe its an operating system for surveillance, maybe the ability for the law enforcement to turn on the camera, Mr. Cook told ABC News. I dont know where it stops.
Privacy activists and security experts noted that any back door created for United States law enforcement agencies would inevitably become a target for foreign adversaries, cybercriminals and terrorists.
Alex Stamos, the chief security officer of Yahoo at the time, likened the creation of an encryption back door to drilling a hole in the windshield. By trying to provide an entry point for one government, you end up cracking the structural integrity of the entire encryption shield.
The F.B.I. eventually backed down. Instead of forcing Apple to create a back door, the agency said it had paid an outside party to hack into the phone of the San Bernardino gunman.
Governments have stepped up their calls for an encryption back door.
Last year, Australian lawmakers passed a bill requiring technology companies to provide law enforcement and security agencies with access to encrypted communications. The bill gave the government the ability to get a court order allowing it to secretly order technology companies and technologists to re-engineer software and hardware so that it can be used to spy on users.
Australias law is based on Britains 2016 Investigatory Powers Act, which compels British companies to hand over the keys to unscramble encrypted data to law enforcement agencies. The Australian law could apply to overseas companies like Facebook and Apple.
Australias new law applies to network administrators, developers and other tech employees, forcing them to comply with secret government demands without notifying their employers.
Other governments are also considering new encryption laws. In India, Facebooks biggest market, officials told the countrys Supreme Court in October that Indian law requires Facebook to decrypt messages and supply them to law enforcement upon request.
They cant come into the country and say, We will establish a non-decryptable system, Indias attorney general, K.K. Venugopal, told the court, referring to Facebook and other big tech platforms. Indias Supreme Court has said it will reconvene on the issue in January.
- Review: SecureDrive BT, the encrypted external SSD you can unlock with Face ID - 9to5Mac - January 19th, 2020
- EncryptOnClick is a freeware tool that can encrypt files and folders - Ghacks Technology News - January 19th, 2020
- Trump and Comey Are United Against Encrypted Communications - Reason - January 19th, 2020
- Police Scotland to roll out encryption bypass technology - Glasgow Live - January 19th, 2020
- Encryption battle reignited as US govt at loggerheads with Apple - Times Now - January 19th, 2020
- Hardware Encryption Market Set To Register A CAGR Growth Of XX% Over The Forecast Period 2017 2025 - Fusion Science Academy - January 19th, 2020
- Malware Obfuscation, Encoding and Encryption - Security Boulevard - January 14th, 2020
- Microsoft CEO says encryption backdoors are a terrible idea - The Verge - January 14th, 2020
- Debate over access to encryption isn't going away - Washington Examiner - January 14th, 2020
- Over two dozen encryption experts call on India to rethink changes to its intermediary liability rules - TechCrunch - January 14th, 2020
- Encryption Software Market Booming by Size, Trends and Top Growing Companies- IBM Corporation, Sophos, Ciphercloud, Pkware, Mcafee - BulletintheNews - January 14th, 2020
- Hardware-based Full Disk Encryption Market Analysis With Key Players, Applications, Trends And Forecasts To 2025 - Instanews247 - January 14th, 2020
- Mobile Encryption Market Insights and Technology 2020, Forecasts to 2026 - Broadcast Offer - January 14th, 2020
- Garda needs new technology for online child abuse investigations - The Irish Times - January 14th, 2020
- IoT Security Solution for Encryption Market Research, Recent Trends and Growth F - News by aeresearch - January 14th, 2020
- Apple made a rare appearance at tech's biggest conference and defended encryption on the iPhone - Business Insider - January 8th, 2020
- Encryption Software Market to cross USD 20 Bn by 2026: Global Market Insights, Inc. - Yahoo Finance - January 8th, 2020
- Data Encryption Software Market Size by Top Leading Key Players, Growth Opportunities, Incremental Revenue , Trends, Outlook and Forecasts to 2025 -... - January 8th, 2020
- WidePoint Partners with KoolSpan to Offer End-to-End Encryption for Phone Calls and Text Messages - GlobeNewswire - January 8th, 2020
- Encryption Software Market 2020 Size, Growth By Top Companies, Forecast Analysis To 2027 - Citi Blog News - January 8th, 2020
- How to cope with a FileVault recovery key disappearing while you write it down - Macworld - January 8th, 2020
- Doing these 10 things on WhatsApp may land you in jail - Gadgets Now - January 8th, 2020
- Holistic encryption is one of the keys to California Consumer Privacy Act risk management - Continuity Central - January 6th, 2020
- Encryption Software Market 2020 Size, Share Metrics, Growth Trends and Forecast to 2026 - Food & Beverage Herald - January 6th, 2020
- New Informative Report of IoT Security Solution for Encryption Top Key Players are Cisco Systems, Intel Corporation, IBM Corporation, Symantec... - January 6th, 2020
- Maastricht University gets almost all of its Windows systems encrypted by ransomware - 2-spyware.com - January 6th, 2020
- Homomorphic Encryption Market Analysis, Industry Size, Application Analysis, Regional Outlook, Competitive Strategies And Forecasts (2020 2027) -... - January 6th, 2020
- The Week in Ransomware - January 3rd 2020 - Busy Holiday Season - BleepingComputer - January 6th, 2020
- Keep Your Business Secure From Online Threats - BBN Times - January 6th, 2020
- State Department Adds ITAR Definitions in Interim Final Rule for Activities that Are Not Exports, Reexports, Retransfers or Temporary Imports -... - January 6th, 2020
- Global Hardware-based Full Disk Encryption (FDE) Market Executive Summary and Analysis by Top Players 2020-2027: Seagate Technology PLC, Western... - January 6th, 2020
- Clop Ransomware Now Kills Windows 10 Apps and 3rd Party Tools - BleepingComputer - January 6th, 2020
- Scientists in Scotland help develop worlds first encryption system that is unbreakable by hackers - The Independent - December 21st, 2019
- Apple Bows Down To Google As 2019 Most Trustworthy Recognition - International Business Times - December 21st, 2019
- Facebook , Apple being threatened by US senators over data encryption - Gizmo Posts 24 - December 21st, 2019
- How To Secure Microsoft Windows 10 In Eight Easy Steps - Forbes - December 21st, 2019
- Examine Mobile Encryption Market expected to obtain $2,917.9 million by 2022 - WhaTech - WhaTech - December 21st, 2019
- Facebook's end-to-end encryption will enhance user privacy but its not good news for law enforcement - Firstpost - December 21st, 2019
- Future of Encryption Software Market Reviewed in a New Research Study 2019-2025 - Daily News Reports 24 - December 21st, 2019
- Fortanix expert on how European companies are taking back control of their data in the cloud - Intelligent CIO ME - December 21st, 2019
- What's that? Encryption's OK now? UK politicos Brexit from Whatsapp to Signal - The Register - December 20th, 2019
- NYPD radio encryption most likely wont happen in 2020 but will soon - amNY - December 20th, 2019
- If You Think Encryption Back Doors Won't Be Abused, You May Be a Member of Congress - Reason - December 20th, 2019
- The decline of passwords, the rise of encryption and deepfakes cybersecurity predictions for 2020 - BetaNews - December 20th, 2019
- Facebook's Push for End-to-End Encryption Is Good News for User Privacy, as Well as Terrorists and Paedophiles - Nextgov - December 20th, 2019
- Internet of crap (encryption): IoT gear is generating easy-to-crack keys - The Register - December 20th, 2019
- What Is Snatch Ransomware and How to Remove It - Guiding Tech - December 20th, 2019
- Hardware-based Full Disk Encryption Market Executive Summary, Introduction, Sizing, Analysis and Forecast To 2025 - Market Research Sheets - December 20th, 2019
- NYPD Eyeing Encrypted Radios to Protect Criminal Investigations - Officer - December 20th, 2019
- Volunteer firefighters, EMTs worry they won't have NYPD radio access to help public - amNY - December 20th, 2019
- What We Learned About the Technology That Times Journalists Use - The New York Times - December 20th, 2019
- The Senate Judiciary Committee Wants Everyone to Know It's Concerned About Encryption - EFF - December 14th, 2019
- The Defense Department Says It Needs the Encryption the FBI Wants to Break - Free - December 14th, 2019
- Congress wants to regulate encryption for big tech - The Burn-In - December 14th, 2019
- Facebook says it won't break end-to-end encryption - TechRadar - December 14th, 2019
- Encryption spat sees backdoor back-and-forth between tech firms, Congress - TelecomTV - December 14th, 2019
- Michael Hayden Ran The NSA And CIA: Now Warns That Encryption Backdoors Will Harm American Security & Tech Leadership - Techdirt - December 14th, 2019
- Large, diverse coalition of civil society groups tell the US, UK and Australian governments not to ban working encryption - Boing Boing - December 14th, 2019
- U.S. Attorney Justin Herdman of Ohio says agents need access encrypted devices, apps for the sake of public s - cleveland.com - December 14th, 2019
- Google makes it safer to text on Android phones, but end-to-end encryption is still MIA - PCWorld - December 14th, 2019
- Priti Patel bids to create end-to-end encryption apps' back door - The National - December 14th, 2019
- Encryption can't put tech giants beyond the reach of the law, Minister says - The Age - December 14th, 2019
- Chrome 79 includes anti-phishing and hacked password protection - Naked Security - December 14th, 2019
- Hardware Encryption Technology Market : Analysis and In-depth study on market Size Trends, Emerging Growth Factors and Forecasts to 2027 - Downey... - December 14th, 2019
- Encryption back on the congressional agenda - Politico - December 9th, 2019
- Police radios blocked from the public in southeast Denver metro area - The Denver Post - December 9th, 2019
- Encryption Software Market Innovations, And Top Companies - Forecast To 2029| Microsoft, Sophos Ltd., Check Point Software Technologies Ltd. -... - December 9th, 2019
- Did You Hear That? Securing Communications in 2019 | Insight for the Connected Enterprise - No Jitter - December 9th, 2019
- 'Government broke their promise': Labor seeks to amend encryption legislation - Sydney Morning Herald - December 9th, 2019
- Global Hardware-based Full Disk Encryption Market 2019 Innovation and Technological Developments, Industry Analysis & Outlook 2023 - Weekly News... - December 9th, 2019
- Privacy vs public safety - the pros and cons of encryption - World Economic Forum - December 8th, 2019
- 80% of all Android apps encrypt traffic by default - We Live Security - December 8th, 2019
- Keybase moves to stop onslaught of spammers on encrypted message platform - Ars Technica - December 8th, 2019
- Labor says it will fix encryption laws it voted for last year - ZDNet - December 8th, 2019
- Nick Clegg to be summoned to Parliament to give evidence on Facebook encryption - Sunriseread - December 8th, 2019
- This startup just solves the data privacy problem by making it possible to search encrypted data in the cloud - TechStartups.com - December 8th, 2019
- Encryption Software Market to Discern Magnified Growth During 2017-2027 - Weekly Spy - December 8th, 2019
- Millions of Private Text Messages Have Been Exposed: Here's How to Encrypt Messages on iPhone and Android - Tech Times - December 8th, 2019
- Biometric Data Encryption Device Market : Analysis and In-depth study on market Size Trends, Emerging Growth Factors and Forecasts to 2018 to 2028 -... - December 8th, 2019
- Certbot Leaves Beta with the Release of 1.0 - EFF - December 8th, 2019