Many commentators are referring to the current fracas over strong encryption and other security technologies, including especially Apple s refusal to provide the FBI with hacking tools for the iPhone, as a trade-off between privacy and security. Even people who feel that strong security technologies are a good thing often position things as a trade-off of this sort. I would like to reiterate something many of us already know: this is an entirely false dichotomy.
Backdoors in security systems don t just eliminate privacy, they also make systems insecure.
The current fight isn t just to make sure that the government cannot learn that you re reading dissident publications or to make sure the government cannot automatically find everyone who has opinions it doesn t like, although those are certainly worthy things to want.
The current fight is about whether we will impose a technological infrastructure which will be exceptionally vulnerable to attackers in order to provide nothing more useful than some very, very short-term advantages to people investigating crimes. This pits the interests of everyone in society who depends on technology for their safety, which is to say, more or less everyone, against a tiny group of law enforcement officials who find their jobs somewhat more difficult. We should remember that the damage caused by insecurity in our critical systems is not theoretical it is pervasive problem even today. We saw only this last week a hospital forced to pay ransom to restore its computer systems. We ve seen instances in the last year of the US federal government losing data on literally everyone with a recent security clearance to enemies unknown who presumably are very, very interested in knowing who all those US government agents might be.
Untold millions of dollars are stolen every day in various sorts of computer fraud everything from credit card fraud to fraudulent IRS e-file refunds. We already know that you can do horrible things to SCADA systems and the like that could potentially kill people, and whether you believe that s already happened or not, it is clearly only a matter of time before people die that way. All of this is because of lack of security in computer systems a lack of security that the FBI, Cyrus Vance Jr., and other special interests propose to make dramatically worse on a permanent basis, in order to make their jobs somewhat easier for the short term. Imagine what things will be like in a world where Cyrus Vance has a slightly easier job but maniacs who have stolen US government master crypto keys can cause thousands or millions of automated cars to crash, killing their occupants. So, please stop making it sound like it is merely the right to privacy that is at stake.
Certainly the right to privacy is crucial for our society, but even those who do not agree with privacy should understand that back doors are not about making a trade-off in favor of increased security but in favor of pervasive insecurity. This is not about security vs. privacy.
We re talking about nothing less than deranged short-term thinking that privileges the convenience of a small part of the machinery of law enforcement over the safety of almost everyone in our entire society.