By Boris Lubarsky
 |
| Photo: Boris Lubarsky |
On October 5, 2016 Edward Snowden participated in his second
roundtable discussion at Georgetown University via Skype, from asylum in
Moscow. Snowden is currently living in Russia after he leaked
classified information in 2013, disclosing the government’s ongoing
surveillance programs that included surveillance on American citizens. He is wanted
by the United States’ government for theft of government property and violation
of the Espionage Act.
The event coincided with the recent release of Oliver
Stone’s new film “Snowden” and was moderated by Kevin Bankston, Director of New
America’s Open Technology Institute. At the roundtable, Snowden discussed the
role of encryption and the myth of ‘going dark.’
Recently, the FBI has warned
that the encryption of electronic communications has led to terrorist’s ‘going
dark’ or communicating in a way the FBI cannot access or intercept. FBI
director James Comey called for telecommunications companies to expand and
build up their real-time intercept capabilities. Director Comey further
advocated that companies should always be able to decrypt any information sent
using their service. Presently, Congress has yet to enact legislation that
would prohibit end-to-end encryption.
Similarly, agencies within the EU and UK have also called
for a legislative ban on end-to-end encryption. Earlier this year the French
and German interior ministers advocated
that internet companies should be able to decrypt any communication on its
service. If these proposals were enacted it would effectively outlaw end-to-end
encryption. The United Kingdom has also pushed to ban end-to-end encryption,
with Prime Minister Cameron speaking against it and during a debate in the
House of Lords Baroness Shields made a similar argument. “There is an alarming
movement towards end-to-end encrypted applications,” she said.
“It is absolutely essential that these companies which understand and build
those stacks of technology are able to decrypt that information and provide it
to law enforcement in extremis.”
End-to-end encryption is a system of communicating in which
only the communicating users can read the message. End-to-end encryption works
by providing both sender and recipient with an encryption key – only this key
can unlock the contents of the message. Before an email is transmitted it is
encrypted by the sender using his key, then the encrypted email is sent to the
internet service provider which delivers the email to the intended recipient. While
encrypted, the email is effectively garbled white noise – even if it were
intercepted it would be unintelligible. The recipient uses his copy of the
encryption key to unlock the message and read its contents.
Snowden, however, painted a starkly different picture than
those advocating against encryption. Specifically, Snowden noted that
encryption is not an insurmountable obstacle for intelligence services or law
enforcement. “Anyone that says that information is going dark because
encryption exists isn’t telling the truth.” Snowden mentioned numerous ways to
surmount encryption but focused a common age-old method: allow the target to
decrypt the information for you.
For an illustrative example, Snowden pointed to the 2015
arrest of Ross Ulbricht, the convicted ringleader of the infamous Silk Road
Marketplace, an online black market selling everything from drugs to murder for
hire. On the day of Ulbricht’s
arrest, the FBI followed him to a public library and waited for him to
unlock his computer and begin using it. Then two agents posing as quarreling
lovers had a loud fight to distract Ulbricht; as soon as he turned to look at
the disturbance an agent snatched his laptop and inserted a flash drive to
clone the data on the computer. Only then was Ulbricht informed of his arrest
and presented with a warrant. Ulbricht’s computer was encrypted, but by using
standard police techniques the FBI was able to access the information anyway.
Snowden noted that, traditionally, law enforcement had to
physically surveil the individual subject of an investigation and from that
evidence obtain a warrant that allowed a search or seizure; however, with
electronic communications the government could instead conduct mass
surveillance for the same cost. Snowden further proposed that “when [the
government] can monitor a hundred times as many people with the same amount of
money – it’s time to review the privacy settings with fresh eyes; because with
that order of magnitude change it’s a good rule of thumb for a review.” The
advent of cellular phones and computers has created exactly this exponential
decrease in the cost of surveillance.
Snowden acknowledged that encryption will raise the cost of
surveillance worldwide, however this increase in cost means that “now they
can’t do things in bulk and shifts from mass surveillance to individualized
surveillance.” Snowden indicated that this individualized surveillance is
exactly what law enforcement has traditionally done and strikes the correct
balance between personal liberty and society safety.
Lastly, encryption is not just used by members of terrorist
cells. Encryption provides law-abiding citizens a secure means to protect their
data against criminals and hackers. The European Union Agency for Information
and Security has supported
encryption and come out strongly against back doors that would jeopardize
end-to-end encryption. Technology companies such as Apple, Google, Facebook,
and Microsoft all similarly support
encryption and resist weakening that encryption with back door access.
