At least Hillary Clinton’s backward stance on encryption is somewhat in line with her actions. After all, it appears that she wasn’t using encryption on her email server for at least a few months, not to mention that the server was wildly insecure in other ways, including wide-open RDP and VNC services. Talk about bush league — but this was the secretary of state.
Meanwhile, we have the Panama Papers, which is a scandal unlike any the world has ever seen. I think we’ve only begun to scratch the surface, but one of the ruefully amusing aspects was Edward Snowden pointing out the utter hypocrisy of British PM David Cameron, who appears to support security and privacy only when it benefits him.
As tired as we may be of hearing about it, the fact remains that many powerful politicians do not understand encryption, security, or even privacy. You might think that the first requirement by a Secretary of State would be secure email. If she wanted to set up her own email server, security should have been the first, second, and third concern. Instead, it apparently was completely absent from the conversation.
Within tech circles, promoting the demise of encryption is an absurdity. Even trying to understand how anyone could think otherwise is a gymnastic mental exercise because we’re too close to the issue. We know how these things work, and we know exactly what happens when security is compromised. It’s never pretty. Poor information security destroys lives, bankrupts companies, and routinely causes headaches for millions of people.
Panama Papers, IRS, Experian, Office of Personnel Management, Ashley Madison — these breaches occurred despite the ready availability of strong encryption. Eliminating that protection would increase these events by orders of magnitude. Encryption is what keeps the technology world from flying apart like a Lego cannonball fired at a brick wall.
Beating this drum is indeed getting tiresome, but it must continue until the madness subsides — and a double-edged sword may well turn this tide. That sword may be the Panama Papers themselves.
Already we’ve seen this breach claim a head of state and possibly an entire government, and there’s more on the way. I’m sure the politicians who are caught up in these revelations would have preferred that the information stored at Mossack Fonseca had been heavily encrypted. Instead, their misdeeds are now out in the world for all to see. And many of these politicians are those who would claim that citizens don’t need encryption or privacy if they have nothing to hide.
I hold no expectation that politicians will ever stop talking out of both sides of their mouths. However, you can usually count on them to consistently act in their own best interests. If strong encryption gives them more security to cover for their malfeasance, then perhaps they may view it differently. Perhaps if it’s personally beneficial — and that fact is deeply understood — then all of this disturbing talk about backdoors will cease. That may seem cynical and perhaps the right answer for the wrong reasons, but it wouldn’t be the first time that good came from ill.
After all, one of the major attacks politicians have mounted against strong encryption is that criminals can use it to evade law enforcement. As the Panama Papers would seem to indicate, the Venn diagram of politicians and crooks may be closer to a single circle than even the more jaded among us have thought. Those of us underscoring the need for strong encryption have to understand that as well: Scammers in any guise can use encryption to their own ends — and that’s how it has to be. A tool is only a tool.
If we want to address criminality, we need to look deeper into our understanding of human nature, not our understanding of technology. Advocating the destruction of the tools that protect the rest of us is absurd.