Encryption protects the marginalised – and it’s under threat

0
304
Oracle enhances customer experience platform with a B2B refresh

Source is ComputerWeekly.com

Encryption is an essential tool that empowers marginalised people around the world to live their lives online without the risk of retribution. It protects the communications of vulnerable communities from hostile governments and third parties, and allows them to safely connect with others.

The LGBTQ+ community is just one of many vulnerable groups around the world that have come to rely on encrypted communications to protect themselves from discrimination. LGBTQ+ people need encryption to ensure their privacy and, in some parts of the world, to protect themselves from state violence.

Encryption is the process of scrambling information so it can only be read by someone with the keys to open and unscramble the information. End-to-end encryption provides the strongest level of security and trust, because, by design, only the sender and the intended recipient hold the key to decrypt the message. No third party should have access to that key. Terrifyingly, some governments and organisations are now pushing to weaken encryption under the mistaken pretence of fighting crime.

In the UK, the government’s draft Online Safety Bill asks for law enforcement agencies to be given access to the contents of private messages and files, which they claim will help them combat terrorist activity and child sexual abuse online. They see encryption, and especially end-to-end encryption, as a barrier to their work. The only way for companies to stay in compliance with the current draft of the bill would be to create “encryption backdoors”.

But research is debunking these arguments, dispelling the myth that encryption is facilitating crime. Instead, it has been shown to keep all of us safe online – in particular those most vulnerable to discrimination and abuse.

Encryption backdoors create weaknesses in the system because the doorways created for the “good guys” could be used as an entry point for “bad guys” – including criminals and hostile state actors. Research shows there are are currently no technical solutions for creating gateways that only “good guys” can use and “bad guys” cannot, despite what the UK government claims. The irony is that the creation of encryption backdoors may actually result in more digital criminality and abuse.

Vulnerable communities are rightly worried that weaknesses in the system could result in their private information being hacked and made public. Earlier this year, a gay dating app was hacked and private user information compromised. The use of encryption backdoors would make these types of attack more common, and victims of these attacks may be blackmailed or discriminated against. In extreme cases, such as domestic abuse, the exposure of data could elicit further violence.

Breaking encryption is even more dangerous for vulnerable communities in other parts of the world who are subject to prosecution on the basis of religion, ethnicity, residency status, sexual orientation and gender identity. Those deemed to be criminals could be subject to prison, torture, or even the death penalty. In March 2019, Brunei formalised an anti-LGBTQ+ law to make same-sex relations punishable by stoning to death. Encryption backdoors would erode one of the few tools available to protect marginalised groups from being exposed and punished under such laws.

Networks of targeted individuals are often left to shoulder the burden when it comes to advocating for themselves – they need private communications to work with advocacy groups and journalists who can amplify their concerns and draw attention to injustices. They use encryption to safely engage with community stakeholders, share information and resources without interception, protect themselves from personal attack, and ensure that their resources are not tampered with. Journalists also use encryption to protect their sources.

Weakening encryption would deprive these privacy-dependent resources from those who need it most. These include call centres for domestic abuse victims, suicide hotlines for LGBTQ+ youth, and medical consultations for trans individuals and those suffering from still-stigmatised diseases such as HIV. Backdoors make data collected through these resources accessible to law enforcement and vulnerable to third-party access, and individuals who need these services may hesitate to use them out of fear that their anonymity cannot be guaranteed. Exposure of data could result in violence, discrimination, blackmail and other types of abuse. 

The breaking of end-to-end encryption is a high price for everyone to pay. It’s even higher for the LGBTQ+ community and other marginalised groups around the world. Further research into the way that criminals operate online, as well as the application of alternative digital law enforcement solutions, should be explored before uninformed new regulatory steps such as the Online Safety Bill are taken.

The actions of the UK government and others in recent years have sought to unravel the hard-won security and privacy of all internet users. It is essential that those who have the most to lose, and their allies, speak up now in support of encryption.

Callum Voge is government affairs and advocacy manager for Europe at the Internet Society

Source is ComputerWeekly.com

Vorig artikelNationale Datacenter Dag 9 november 2021
Volgend artikelPoppy Gustafsson, most influential woman in UK tech 2021 – winner’s speech