Trump administration is planning to ban end-to-end encryption

by Amarnath Natarajan · Published June 28, 2019 · Updated June 28, 2019

Tags: Apple Chat CyberSecurity Encryption Facebook Information Security Internet Security Messenger Security VoIP

Security: End-to-End Encryption

According to a recent report, senior Trump officials have discussed the possibility of banning end-to-end encryption, as used by services like Apple’s Messages and FaceTime, as well as competing platforms like WhatsApp and Signal.

While the proliferation of end-to-end encryption services grows along with the knowledge about the importance of services that offer them to protect our privacy, it has also been a huge problem for various intelligence and law enforcement agencies across the world. As more details about mass-surveillance from government agencies are reported, many tech companies including Apple, Facebook, Google are forced to strengthen their encryption and to create chat and voice apps that are end-to-end encrypted.

The on-going change in the tech world to protect their customer privacy is making the US government unsure of how to handle it. According to Politico, senior White House officials met this week to discuss the possibility of passing new legislation that could make it illegal for companies to offer end-to-end encryption through their services.

Politico cites three sources for the story.

Senior Trump administration officials met on Wednesday to discuss whether to seek legislation prohibiting tech companies from using forms of encryption that law enforcement can’t break – a provocative step that would reopen a long-running feud between federal authorities and Silicon Valley.
The encryption challenge, which the government calls “going dark”, was the focus of a National Security Council meeting Wednesday morning that included the No. 2 officials from several key agencies, according to three people familiar with the matter.

End-to-end encryption has been a big selling point for companies Apple that tout privacy. But as the piece suggested, if the Trump administration seeks to challenge this, it could start another battle between the government and Silicon Valley, which have butted heads continually over the past few years. The government argues that this would make it easier to tackle things like terrorism.

A ban on end-to-end-encryption would make it easier for law enforcement and intelligence agents to access suspects’ data. But such a measure would also make it easier for hackers and spies to steal Americans’ private data, by creating loopholes in encryption that are designed for the government but accessible to anyone who reverse-engineers them. Watering down encryption would also endanger people who rely on scrambled communications to hide from stalkers and abusive ex-spouses.

One of Politico’s sources said that the meeting was split into two camps: Decide, create and publicize the administration’s position on encryption or go so far as to ask Congress for legislation to ban end-to-end encryption.

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO.
“The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation”, said one of the people.

No decision was reached given strongly opposing views within the government. The DOJ and FBI say that catching criminals and terrorists should be the top priority, even if less secure encryption causes hacking risks. The Commerce and State Departments disagree, saying that mandating backdoors in encryption could have undesired economic, security, and diplomatic consequences. The DHS is divided on the matter. The Cybersecurity and Infrastructure Security Agency know the importance of protecting sensitive data with secure encryption, but ICE and the Secret Service often run into encryption roadblocks during their investigations.

The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors”.
DHS is internally divided. The Cybersecurity and Infrastructure Security Agency know the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations.

If the report is accurate, the US government should understand that a backdoor in end-to-end encryption, as great as they might sound on paper, pose a significant security risk. Anyone with the right knowledge could find them and use them of their own advantage.

The US is hardly the first Western country to consider a ban on encryption – the UK tried it too. And Senators Richard Burr and Dianne Feinstein tried to pass a bill in 2016 after the San Bernardino shootings, but fortunately, that proposal did not get too far.

Politico says that the decision to hold an NSC deputies meeting suggests the issue may not remain on the back burner for long. But the report also notes that Congress is unlikely to pass a bill that completely bans end-to-end encryption. However, if such law comes to pass, it will open up a can of worms for the privacy of regular people who otherwise are powerless to the overreach of the government.