Despite having more access to our communications and movements than ever before, federal officials continue to wage an assault against internet security, fighting to undermine the encryption technologies that protect our personal information. But as dangerous as this offensive already is to secure communications, it could get much, much worse.
Justice Department supporters in Congress are pushing an array of measures that could further empower federal law enforcement agencies to snoop on all of our communications while crippling the use of network encryption, which has grown in response to increasing consumer concerns about data breaches and cyberattacks.
The EARN IT Act is a bill that uses child sexual exploitation as a pretext for eroding legal protections for tech companies, with big implications for encryption. Section 230 of the Communications Decency Act grants tech platforms limited immunity from being treated as the publisher of content shared by users, provided that they remove prohibited material in good faith. Under the bill, they could lose this immunity if they fail to follow new, unspecified federal guidelines, particularly if they offer end-to-end encrypted services.
As Riana Pfefferkorn, associate director of surveillance and cybersecurity at Stanford’s Center for Internet and Society, has noted, “Encryption, particularly end-to-end encryption, is likely to be targeted as being contrary to ‘best practices’ for preventing CSAM [child sexual abuse material], because if a provider cannot ‘see’ the contents of files on its service due to encryption, it is harder to detect CSAM files.”
A proposed internet standard called New IP gives an idea of how a radically different protocol would govern the web.
The recently proposed Lawful Access to Encrypted Data Act, meanwhile, is even more extreme. It explicitly targets access to “warrant-proof encryption” in the US, giving officials unprecedented powers to force device manufacturers and service providers — including websites, social media, email providers, apps, etc. — to build a decryption capability into their products. If the protections offered by Signal, WhatsApp, or iMessage were to inconvenience law enforcement, a simple government request would open the backdoor.
These bills suggest that encryption is an optional add-on, something that’s nice to have but easily disposed of. But the truth is just the opposite. Our use of the internet needs to be more secure, not less.
This fight highlights the internet’s original sin — insecurity.
At the core of our sprawling online world lies a simple choice: How do we divide up and distribute data? In creating the TCP/IP protocol that lies at the root of the internet, Vint Cerf and Robert Kahn devised a system for turning large and complex files into small, byte-sized data packets. This framework for universally transmitting information over a global network of networks has evolved over the years, but the basic assumptions remain the same. Packets are handed off from one computer to the next until they reach their destination. And anyone who gets the packet along the way can see what’s inside.
Understandably, most of us don’t want anyone to access our information as it is being relayed across the network. This is where encryption comes in, providing mathematical protection. If you’re just another server in the middle, all you see is gibberish. But it’s up to users or services to add this encryption; it’s optional. What if it wasn’t a choice? What if, instead of relying on users to take the extra step of securing their content, all digital activity was automatically encrypted? Cerf and Kahn entertained this idea when they began developing TCP/IP, but they ultimately abandoned the effort.
The truth is that encryption is indispensable to trusted computing and security, and ‘secure encryption backdoors’ are a contradiction in terms. If you give anyone a magic key, you undermine security for everyone.
Limits in encryption and computing power at the time made the concept daunting in practice. But beyond the technical hurdles, there were political ones. The NSA actively supported encryption for itself, but was less thrilled about its use for public or commercial networks because it wanted to survey civilian activity. Kahn and Cerf abandoned encryption in the face of these roadblocks, a decision that Cerf now regrets.
Omitting encryption from the protocol layer — the specifications for how files are converted to packets — still permits countless tools that encrypt content at the software and hardware levels. But this initial framing gave lawmakers and law enforcement the mistaken impression that the internet would work just fine without encryption.
As a result, lawmakers have attacked network encryption for years. In 1994, Congress passed the Communications Assistance for Law Enforcement Act (CALEA), which requires telecommunications carriers and equipment manufacturers to embed surveillance tools within their technology. In 2004, the Justice Department petitioned the FCC to expand CALEA from applying to just phone companies to all internet service providers, forcing ISPs to make their services compatible with government wiretaps. In 2010, the FBI pushed for legislation to apply CALEA to all communications companies, though the proposed bill died a quick death.
Of course, the 2000s saw an even more dramatic assault on internet privacy in the form of the USA PATRIOT Act and its successors. Controversial provisions, like Sections 215 and 216, empowered mass data collection of US citizens’ communications, including encrypted messages. This sort of bulk data collection would have been impossible if Cerf and Khan had incorporated encryption at the protocol level. The NSA may be able to break one person’s encryption, but no one has the processing power to break the codes of billions of internet users.
Networks
Internet Evolution: A Timeline History of the Network
By Daniel McGlynn
A chronological guide to the developmental milestones that have defined the internet.
To imagine the path not taken, one need only look at the story of hardware encryption in the US, where a very different pattern has emerged. The first full-throated assault on hardware-level encryption came in 1993, when the Clinton White House announced the Clipper chip, an NSA-designed encryption circuit. It was promised to keep hackers out while enabling “authorized government agencies” to break into devices. Device manufacturers would surrender the cryptographic keys to the government in escrow.
The administration made outlandish claims about the security benefits of the circuit — but the gambit failed because backdoors don’t work. A cryptographic backdoor that’s intended for law enforcement can also be picked open by hackers. Clipper chips would have made our devices less, not more, secure. Criminals would have worked to circumvent the technology. And if American manufacturers had been forced to install the chips, other world governments might have pressured them for similar services — or an influx of foreign devices with proper encryption could have made the technology irrelevant.
The truth is that encryption is indispensable to trusted computing and security, and “secure encryption backdoors” are a contradiction in terms. If you give anyone a magic key, you undermine security for everyone.
As tech companies shape our perceptions, bias and discrimination are embedded into their products and services at multiple levels.
While the intelligence community eventually gave up on the Clipper chip, they never gave up on the mission of undermining encryption. More recent years have brought an arms race between consumer tech manufacturers and firms that specialize in breaking into their devices for law enforcement.
This is because hardware encryption often isn’t a special step you need to take, or an extra piece of code — it’s become a default part of the device. Congress could have required Apple and Google to create a built-in decryption capability just as they require ISPs to do under CALEA. The only things that stopped them was political willpower and the belief that breaking hardware encryption went too far.
Neither concern has stopped law enforcement officials from complaining about smartphone encryption, or even threatening to sue companies to break their own security. In 2014, the Obama Administration invoked the 227-year-old All Writs Act, to demand that Apple build a backdoor into the iPhone’s operating system, but they eventually dropped the lawsuit in the face of public opposition and after hacking their way into a suspect’s phone. In 2019, the Trump administration renewed the call for encryption backdoors, but tech companies again refused.
Congress has so far resisted law enforcement’s calls to weaken hardware encryption, but this resolve might not last. Support on Capitol Hill for the EARN IT Act and the Lawful Access to Encrypted Data Act shows just how immediate the threat is. Even if these bills never pass, they risk paving the way for measures that do as long as policymakers and much of the public continue to see this security as optional rather than foundational.
It may be too late to build encryption into TCP/IP, but it will never be too late to educate lawmakers on why attacks on network encryption are attacks on the internet itself.