Encryption has been a hot button issue in social media in the last few years. End-to-end encryption is becoming the standard, and law enforcement agencies aren’t happy about this. With the escalation between the FBI and Apple over the tech giant’s refusal to unlock a terrorist’s iPhone, the effects could spill over onto social and messaging apps.
When correctly implemented, end-to-end encryption is a method of securing data through paired keys which are generated when a message is sent. When the data is encrypted in this way, the only people with access are the users with the keys: the sender and the recipient. Ideally, there is no way for anyone intercepting the message to decrypt it, even the companies transferring the message, such as Apple, Facebook, WhatsApp or any others.
It seems the FBI has been trying to pressure companies that use this encryption to deliberately weaken their security by building in backdoors for law enforcement to exploit. This naturally creates a weak point that can be exploited by anyone else with technical knowledge and weakens security overall.
Nate Cardozo, an attorney with the Electronic Frontier Foundation, noted in a statement to Wired that the FBI is trying to set precedents by fighting with tech companies, especially WhatsApp:
The fact that the FBI and the Department of Justice went so far as to issue a wiretap order—despite almost certainly knowing that WhatsApp couldn’t comply due to its encryption architecture—may have been a formality that presages more pressure to come. … The next order could cite the requirement for “technical assistance” in the Wiretap Act to try to force WhatsApp to change its code to make law enforcement eavesdropping easier, just as the FBI is trying to force Apple to create a weakened version of its mobile operating system to crack Farook’s iPhone.
According to Zach Epstein, executive editor at BGR, this tactic is already causing a major backlash among tech companies, with companies as large as Facebook working on stronger encryption in an attempt to shut the FBI out before it requests access to the social network’s services.
Even end-to-end encryption may not be safe, according to Andy Greenberg, senior writer for Wired, since the FBI could use techniques that emulate the generated security keys, allowing it to eavesdrop on communications between users. More robust technical security may keep government agencies out of social messaging for the time being, but it’s likely that shifts in the law will give us an idea of the security landscape in the future.
I don’t think you can fight law with tech. You can fight tech with tech and law with law.
Readers: Where do you stand on the encryption efforts made by app developers?