Data privacy is too important for tech platforms to create cracks in encryption shields on state demand

In 2013, American journalist Glenn Greenwald travelled to Hong Kong to meet an anonymous source, who asserted he had some shocking evidence of widespread government spying. The source turned out to be an NSA contractor named Edward Snowden, and the rest is history. Greenwald wrote a bestselling book on it with the title ‘No Place to Hide’. I thought of this book as the UK Government started a campaign against end-to-end encryption with the same name. Coincidentally, this also happens to be a week where we celebrate data privacy. On this day in 1981, the first legally binding international treaty dealing with privacy and data protection called Convention 108 was signed, and this day forever became Data Privacy Day. The US States House of Representatives, in a rare show of bipartisan unity, even passed a House Resolution by a vote of 402–0, endorsing this decision.

Therefore, it is rather ironical that the US and UK governments led a demand that global tech companies should build ‘back doors’ for them to access online encrypted platforms. US and UK are members of a world espionage alliance with a rather cool name, Five Eyes. The Five Eyes is an Anglosphere intelligence alliance – comprising the espionage wings of Australia, Canada, New Zealand, the UK, and the US – was formed in the Cold War years to cooperate and work together against its common enemies. Recently, they joined Japan and India to issue this clarion call for a ‘backdoor’. This seems rather rich, coming from a set of democratic governments who have always fostered the rights of individual choice and privacy, and as we mark another Data Privacy Day and week, it will be interesting to explore this a little bit more.

I have written often about how the global tech majors and their data-driven business models are suffering a ‘tech lash’ against some of their practices. In this case, however, they seem to be squeezed between individual users wanting more privacy, and their governments wanting them to surrender that right to them when asked. As social networks and messaging apps become ubiquitous, it is not a surprise that citizens consider privacy as an important way of ensuring online safety. We use the Internet for increasingly personal conversations. Patients talk to their doctors on delicate health issues, people talk to their lawyers on sensitive personal and professional matters, spouses and partners share intimate details with each other. Many times, we might bring up matters related to our gender, our religion or even our sexual orientation. We need to be very sure that these conversations remain within us, and are not liable to be seen by anyone else – even if they were government or law-enforcement officials. Thus, the comfort we derive from the privacy assured to us by end-to-end encryption in our messaging apps, disappearing messages, two-factor authentication or self-destructing messages is of great value. This has become even more urgent with the pandemic. I have written how COVID 19 has driven most businesses to become online and hybrid. Education is delivered over the PC or phone, medical consultations over video and messaging, work is increasingly over Zoom or Teams. Privacy, if important before the pandemic, has become critical now.

The Five Eyes are not necessarily saying that every conversation or online interaction should be public, but that the tech companies build ‘backdoors’ into their products, so that they can access them on demand. The same countries have also been roundly criticising China for building backdoors into companies like Huawei, thus allowing them to access all traffic over its cellular networks! A backdoor, as the name suggests, is really an opening into a ‘locked encryption’, a key which can be granted on demand. The problem, as entrepreneur Chris Howell writes in Fortune is that “…applications would essentially be built broken, and a flaw of that magnitude would be very difficult to hide from others. There is no way to ensure that a backdoor will be restricted to law enforcement use only. The risk would go well beyond individual privacy and impact financial transactions, global commerce, and national security, as well as jeopardize innovations in critical industries.” Alex Stamos, formerly at Yahoo and Facebook has compared that to “drilling a hole in the windshield,” basically cracking the structural integrity of the entire encryption shield.

I have written on cybersecurity in this publication earlier, and how hackers always tend to outsmart tech companies and governments to detect flaws and vulnerabilities in their software. A gaping backdoor will be discovered sooner, rather than later, and will be an invitation for a non-state actor to get into your phone and your data. “To be left alone”, said Anthony Burgess, “is the most precious thing one can ask of the modern world.” Privacy, therefore, is too important to deliberately build vulnerabilities, and we must find other ways of finding solutions for genuine government demands, else we would literally have no place to hide.

This article is also published on LiveMint

FAQ