Options to End the End to End Encryption Debate

Written by

It’s a long-simmering disagreement that shows no sign of reaching a conclusion: law enforcement wants access to encrypted devices and messaging apps to fight crime. Tech companies say any system that allows for lawful access would instantly be attacked and put legitimate users in danger.

The latest spat between the FBI and Apple was over the locked devices of Mohammed Saeed Alshamrani, who was suspected of killing three people and injuring eight in a shooting spree on a Navy base in Pensacola, Florida on December 6, may have escalated the conflict, but it's unlikely to break the deadlock.

While the debate has been framed as a battle between privacy and security, the reason for the stalemate is that the conversation between law enforcement and tech firms has largely focused on one solution. With tech firms moving to stronger security and end-to-end encryption across messaging apps, the US Justice Department – along with the UK and Australia - has asked companies to create a key or ‘backdoor’ into the design of their products that would allow law enforcement to unlock the phones of criminal suspects and access data – a move that Facebook says is impossible without weakening the strength of its encryption.

Surprisingly little thought, however, has been given to alternative ways of handling the challenge of thwarting criminals who hide behind encryption, while also preserving the privacy of legitimate users. So what are the alternatives, and is there a possibility that both sides could agree a middle ground?

Facebook has offered its own solution. Anxious to avoid a scenario where unbreakable encryption would effectively become illegal, Facebook says it should still be able to provide some critical location and account information.

This is because end-to-end encryption hides all content, but not all metadata of the conversation taking place. “We are building tools to look for signals and patterns of suspicious activity so that we can stop abusers from reaching potential victims,” Facebook’s Jay Sullivan told the Judiciary Committee last month.

The big fear, however, is that 12 million referrals of child sexual abuse - currently flagged by tech giants - would be lost annually if Facebook implements its plans. Stronger encryption would limit the chances of identifying the abusers and rescuing the victims.

Then there is the argument that Facebook cannot be trusted, with critics pointing to numerous security breaches and the mass collection of users’ personal data for financial gain.

Another option, put forward by the Carnegie Endowment for International Peace in a new paper called Moving the Encryption Policy Conversation Forward, attempts to find some middle ground by separating data at rest and data in motion. It would prevent police from being able to carry out live surveillance of discussions that are in progress, but allow them – with a court-ordered search warrant – to see data ‘at rest’ on mobile phones. This would include photos and messages that are already held on suspects mobile phones, laptops and in cloud storage.

Exploring mobile phone data at rest seems to be an area most likely to kick start the debate. New York County District Attorney Cyrus Vance is among supporters of this approach and wants federal legislative action to push it through. His frustration stems from Apple’s refusal to provide access to the phone of the San Bernardino shooter following the 2015 massacre.

Even so, many in the computer security community are skeptical, and the approach rigorous testing and debate to see if its viable.

A third option isn’t so much a backdoor, more an emergency entrance. Here the government, the tech company and a neutral third party, such as a court, would each keep a fragment of a cryptographic key. Authorities would get sanctioned and pre-agreed access to messaging data – a bit like a bank safe deposit box which can only be opened if the bank and the customer are present.

According to Andersen Cheng, CEO of Post-Quantum, this scenario option would significantly limit the ability of rogue actors to get access because it means no one authority has a master key to unlock millions of accounts. Any concerns over government control can be allayed because the key management could be hosted by the social media companies, he says.

The only problem – and it’s a big one - is that no one appears to have any idea how to create such a thing at scale that will remain secret. Tech companies are likely to rail against any technical steps that would fundamentally weaken communications.

Then, there’s the current solution. Each year, US police districts give millions of dollars to third-party commercial developers to access data saved to the cloud. As we know from recent scandals, undetectable spyware exploits vulnerabilities in software, allowing the buyer to access a device to read texts, pilfer address books, remotely switch on microphones and track the location of their target. There is no shortage of commercial surveillance companies that offer these services, and police reportedly used similar tools to access the phone of the San Bernardino shooter when Apple wouldn’t help.

This kind of technology is playing an increasing part in helping government agencies all over the world prevent and investigate terrorism and crime and save lives: almost 50% of police investigations now involve cloud data.

Controversial Israeli firm NSO Group was involved in the capture notorious drug lord El Chapo, and recently police in Western Europe said that NSO spyware was helping them track a terror suspect they feared was plotting an attack during Christmas.

Despite this, encrypted devices and messaging platforms continue to complicate crime investigations, not least because critical evidence is often only available on the device itself, not in the cloud. The tools provided by commercial companies can also be expensive, with police claiming that justice is sometimes unattainable for crime victims in areas where police departments do not have the means to decrypt phones.

Campaigners also point to potential abuses and a lack of transparency over new forms of surveillance being used, and a more widespread adoption of this approach will mean that governments will have to impose careful controls to prevent misuse and enforce oversight.

Whatever the solution to the current debate over encryption, it’s unlikely to perfectly suit everyone. As the Carnegie Endowment report points out, cybersecurity advocates may have to accept some level of increased security risk, just as law enforcement advocates may not be able to access all the data they seek.

The first step, however, is recognizing that, with the lives and safety of so many at stake, lawmakers and tech firms should investigate every option.

What’s hot on Infosecurity Magazine?