Make Encryption Ubiquitous, Says Internet Society

The Internet Society has urged the G20 not to undermine the positive role of encryption in the name of security, claiming it should provide the foundation of all online transactions.

As the world’s leading economies met in Hamburg late last week, president and CEO of the non-profit, Kathryn Brown, called for ubiquitous encryption for the internet.

That comes amid a resurgence in encryption-bashing from some senior politicians, which have portrayed it as enabling terrorism in the wake of recent attacks in London and elsewhere.

Most notably, UK home secretary Amber Rudd went on the offensive, naming and shaming Facebook’s WhatsApp for its use of end-to-end encryption.

Rudd and others around the world want to force tech firms to effectively create backdoors for law enforcers, so they can be used to intercept communications of suspects under investigation.

Even the historically more liberal European Commission recently claimed it was considering such a strategy.

However, the Internet Society’s Brown argued that encryption “should be made stronger and universal, not weaker”.

“Strong encryption is an essential piece to the future of the world’s economy and the Internet Society believes it should be the norm for all online transactions. It allows us to do our banking, conduct local and global business, run our power grids, operate, communications networks, and do almost everything else,” she wrote.

“However, rather than being recognized as the way to secure our online transactions or our conversations, all too often the debate focuses on the use of encryption as a way to thwart law enforcement. To undermine the positive role of encryption in the name of security could have devastating consequences.”

Kevin Bocek, chief cybersecurity strategist for Venafi, agreed with the Internet Society, adding encryption was particularly important as we move to a world dominated by AI.

“Machines have to be able to know which machine they are taking to – they need privacy. This goes beyond enabling ecommerce and online banking – all machine identities need to be protected and to do this we need encrypted and private communications,” he added.

“This is why our IoT-driven future, where decisions are made and business is conducted in the cloud through machines, needs encryption. If government wants to have an e-enabled, information society of the future, encryption is a required ingredient, not an optional one that can be picked up or put down at will.”

The G20 has for the first time decided to hold ministerial meetings focused specifically on digital policy areas, and is also inviting non-governmental stakeholders to contribute, offering a great opportunity for a more balanced debate, Brown argued.

However, it remains to be seen whether Brown’s words will be heeded, especially as voters, politicians and headline writers appear to have little appetite to grasp the nuances of the argument for encryption.

A survey by last week revealed that most of the British public would feel safer without encryption.

A meeting of digital ministers in Düsseldorf last week appeared to focus mainly on global internet speeds and accessibility.

What’s Hot on Infosecurity Magazine?