Edward Snowden on the global war on encryption: "This is our new battleground"

Since the 1990s, governments around the world have waged war on working encryption, arguing that "civilians" should be limited to using crypto with known defects that allow it to be broken, so that "good guys" can chase "bad guys."

The defects in this argument are numerous and insurmountable, boiling down to: a) Criminals will just install illegal crypto (which is impossible to stamp out and which all computers are capable of running) and use that to evade the authorities; and b) "Good guys" using broken crypto can be attacked in horrible, ghastly, comprehensive ways by criminals, authoritarian states, griefers, stalkers, etc. Ultimately, banning crypto makes all of us less safe, risking our privacy, physical security, finances, etc, while still allowing every actual criminal to continue to enjoy the benefits of strong information security.

Despite this, proposals to ban crypto are alive and well: they're already law in Australia, edging into UK law, and under consideration in Germany and the USA, thanks in large part to Rod Rosenstein, who proves that the enemy of your enemy is not your friend (see also: "intelligence community whistleblowers" who hate Trump but are firmly committed to the kinds of grotesque human rights abuses that the CIA and NSA are rightly synonymous with).

Writing in The Guardian, actual whistleblower Edward Snowden makes the case plain: if we allow western governments to ban working crypto, "our public infrastructure and private lives will be rendered permanently unsafe."

Crypto is what protects the firmware updates for your home security system, your pacemaker, and your antilock braking system. It's what protects you from the stalkerware that allows abusive men to terrorize and murder their former romantic partners. It's what keeps Hong Kong's dissidents out of reach of the torturing, genocidal Chinese state.

It is striking that when a company as potentially dangerous as Facebook appears to be at least publicly willing to implement technology that makes users safer by limiting its own power, it is the US government that cries foul. This is because the government would suddenly become less able to treat Facebook as a convenient trove of private lives.

To justify its opposition to encryption, the US government has, as is traditional, invoked the spectre of the web’s darkest forces. Without total access to the complete history of every person’s activity on Facebook, the government claims it would be unable to investigate terrorists, drug dealers money launderers and the perpetrators of child abuse – bad actors who, in reality, prefer not to plan their crimes on public platforms, especially not on US-based ones that employ some of the most sophisticated automatic filters and reporting methods available.

The true explanation for why the US, UK and Australian governments want to do away with end-to-end encryption is less about public safety than it is about power: E2EE gives control to individuals and the devices they use to send, receive and encrypt communications, not to the companies and carriers that route them. This, then, would require government surveillance to become more targeted and methodical, rather than indiscriminate and universal.

Without encryption, we will lose all privacy. This is our new battleground [Edward Snowden/The Guardian]