If you ban encrypted hard drives, only criminals will have encrypted hard drives.
In addition to its war on guns, the New York Daily News also has it out against encryption technologies that can protect the security of our information. Even though the San Bernardino terrorists didn’t use encrypted hard drives, the newspaper still warned they could have. But so can law-abiding citizens, and our rights shouldn’t be trampled just because of terrorists.
Its December 3 editorial “Making mass murder easy” says that access to both guns and encrypted hard drives enable terrorism. Somehow the problem of violence would be solved if only the government could clamp down on something we should have the right to, the thinking goes, and the government would of course make it work perfectly, keeping dangerous products out of the hands only of the bad people and not impacting anyone else at all.
Encrypted hard drives “can only be unlocked by their owners,” the Daily News dramatically warned, “Even if their owner has just been killed having completed a suicide terrorist mission. Madness.”
And what if their owner is, like most people, not a terrorist? Maybe they think that non-terrorists would have nothing to hide? Why don’t ordinary people just keep their drives unprotected so anyone—an overzealous police officer, a business rival, an ex-boyfriend—can steal it and easily look at everything on the drive?
What if the owner of the hard drive is not a terrorist, but rather a journalist who operates in an authoritarian country who has just interviewed political dissidents? Wouldn’t that be a good reason to have an encrypted hard drive? It’s as if the Daily News thinks there is only one government or entity in the world that could possibly want to have access to what someone has on their hard drive, and that this mythical government is unimpeachably good.
Never mind that that United States government—at federal, state, and local levels—has been guilty of some violations of civil liberties of its own. There are many individuals and institutions that are much worse than the U.S. government, and all of them would have the access to the same drives and communications channels as the NSA and FBI.
Earlier this year, I noted how UK Prime Minister David Cameron was contemplating banning chat apps with encrypted chat functions like WhatsApp. He wanted them to open up “backdoors” for the government to be able to listen in. (His administration ultimately abandoned those plans.)
It’s perfectly understandable why governments would want to know what people who might be terrorists are saying, but the problem with opening a backdoor, is that anyone can get in it. Sure the government might say they are the only ones who know where it is, but hackers work hard to probe for weaknesses and exploit them. There’s nothing to guarantee a determined hacker—including the very professional foreign spies that hacked into the White House servers—won’t be able to find the backdoor and access people’s private communications.
It’s particularly insidious for a newspaper to be advocating for banning or heavily regulating encryption devices on sale to the general public. Journalists are among those who would most need encryption to carry out the most serious and important of journalism—that which threatens governments and institutions enough for them to try to suppress it.
Reporters Without Borders documents incident after indecent of authorities stealing hard drives containing sensitive information from reporters. In 2012, Chilean journalist Mauricio Weibel had his laptop and files stolen in a suspicious robbery. He was working on a book that exposed corruption of officials once involved in the military dictatorship that lasted until 1990, some of whom remain in office today. German reporter Bernhard Zand and a local cameraman with whom he was working while reporting in China had the files of their laptops deleted while they were out to dinner. Even the raid in the U.S. on Gizmodo editor Jason Chen in 2010 for publishing an exclusive about the new iPhone was questionable, according to Reporters Without Borders.
Its not just journalists who are at risk. Businesses have secrets, too—including political and national security secrets held by military contractors—and Northrop Grumman hard drives, probably disposed of improperly, have been found in Ghana with unencrypted credit card numbers and information about the recruitment of airport screeners.
As Larry Salibra, CEO of Pay4Bugs, is an authority on information security who has given talks to journalists in Hong Kong about protecting sources. He said in an email interview that there are many legitimate reasons for someone to encrypt their data:
People store their most important information on their phones and computers such financial information, business secrets and personal Information. Leaking such information into the wrong hands this information can and does lead to identify theft, destroyed businesses and even death. Pervasive full device encryption removes an incentive of bad people to try to steal our devices and means that when we mess up and lose a device that information remains protected.
Of course not everyone thinks encryption is so important. “Most people don’t have anything worth encrypting,” Republican strategist and author Stuart Stevens wrote in a response over unencrypted email:
I think data security is largely an expression of a new arrogance. Most people don’t have anything worth encrypting. I’ve never used it but think the whole notion of political secrets are largely better suited for House of Cards than reality.
That said, if Google and Apple are threatening our national security, there’s probably not much left to threaten.
Still the level of precautions one chooses to take towards one’s own computers, drives, and communications should be an individual choice, as with most things in a free country. And the threat from terrorists is exaggerated. The thumb drives confiscated from the San Bernardino attackers’ house were unencrypted. The SMS communications between the Paris attackers were unencrypted, according to The Intercept.
Moreover, it’s not even possible to prevent people from using encrypted apps without dramatically clamping down on freedom of expression. Apps like WhatsApp and Telegram and Protonmail and GPG mail, all of which offer various levels of encryption, are easily available online, some of them housed in foreign countries. To try to prevent people from using them, the government would have to censor the internet, as countries like China and Iran do, but even then people in those countries can still access banned websites over virtual private networks (VPNs).
Yet censoring the internet seems to be what both Hillary Clinton and Donald Trump have in mind, if we are to take them at their word.
“[W]e’ve got to shut off their means of communicating,” Clinton said.
“We have to do something. … maybe in certain areas, closing that internet up in some ways,” Trump said. “Somebody will say, ‘Oh freedom of speech, freedom of speech.’ These are foolish people.”
Foolish people. Is that what the Founding Fathers were for thinking that a democratic country founded on the protection of individual rights could work?