Share This article

In recent months, we’ve seen calls from multiple government officials to roll back encryption protections and create backdoors in software. At certain points, the debate over these issues has reached a fever pitch, with New York District Attorney Cyrus Vance Jr telling Congress that Apple’s decision to include strong encryption in iOS 8 was basically intended to please criminals, child pornographers, and murderers. Now, two FTC commissioners have weighed in on the topic — and their own views couldn’t be more different.

According to FTC Commissioner Terrell McSweeny, encryption is absolutely necessary if the so-called Internet of Things is ever to become a reality. Writing for HuffPo, McSweeny praises the steps that companies like Apple have taken to provide end-to-end encryption and notes that encrypting devices is one of the only way to secure smartphones, tablets, and laptops against the loss of potentially critical information if the device is physically stolen. In her Op/ed, Sweeny notes:

If consumers cannot trust the security of their devices, we could end up stymieing innovation and introducing needless risk into our personal security. In this environment, policy makers should carefully weigh the potential impact of any proposals that may weaken privacy and security protections for consumers.

Compare that against Cyrus Vance’s comments from earlier this summer:

This defendant’s appreciation of the safety that the iOS 8 operating system afforded him is surely shared by criminal defendants in every jurisdiction in America charged with all manner of crimes, including rape, kidnapping, robbery, promotion of child pornography, larceny, and presumably by those interested in committing acts of terrorism. Criminal defendants across the nation are the principal beneficiaries of iOS 8, and the safety of all American communities is imperiled by it.

Sweeny’s comments echo those of Ashkan Soltani, the Chief Technologist of the FTC. In a recent blog post, Soltani detailed how he recently had a laptop stolen, but was much less concerned about the theft than he would’ve been thanks to his use of firmware passwords and strong disk encryption. When the thief was unable to unlock the laptop, he made an appointment at an Apple Genius Bar. The FTC CTO made contact with local Apple stores and was eventually able to retrieve his laptop after the thief took it to a different store.

Germany’s Enigma machine. From the beginning, there’s been tension over how encryption should be used.

In his conclusion, the Soltani writes:

In the end, strong end-user controls like device encryption and firmware passwords not only protect sensitive info stored on the device, they also prevent criminals from utilizing stolen property. The more devices feature strong end-user controls, the less likely thieves can profit from their theft on the open market.

Encryption wars

It’s become obvious that the law enforcement community has a fundamentally different view of encryption than pretty much anybody else. To some extent, this makes sense. If your job fundamentally revolves around catching bad guys, you’re going to encounter encryption and data protection in environments where the technology is being used for criminal activity. Most of us, if we’re being honest, would be furious to see a rapist, murderer, or child pornography distributor walk free simply because their personal electronic devices couldn’t be checked for conclusive evidence that would prove their guilt.

The problem with letting this gut-level emotion run our justice system is that it produces unfair results. Emotional responses gave us the War on Drugs, mandatory minimum sentences, and a staggering rise in total prison population because getting tough on crime was the order of the day. Emotional responses gave us the Patriot Act, the explosion of warrantless wiretapping, and made Snowden’s leaks necessary to inform the public about what its government was doing.

It’s true that embracing ubiquitous strong encryption will occasionally mean that criminals escape punishment, but every single technological advance carries intrinsic trade-offs. We need more people to stand up and defend the concept of encryption — and law enforcement officials need to understand that there are uses for privacy technology that go beyond the criminal. The UK’s effort to ban encryption is as short-sighted as the NSA’s talk of adding so-called “front doors” to devices. The problem with these viewpoints is that they assume, implicitly, that denying strong encryption to criminals and terrorists will give law enforcement a critical advantage that totally outweighs the cost of everyone’s lost privacy, security, and freedom.