What is the purpose of having passwords on our phones?
For most of us, the answer is obvious: to protect our personal information. Our phones, like our online accounts, our email address and even our private chats, hold an increasing quantity of information, covering every aspect of our lives, that we want to keep private.
This information can range from your banking information to corporate trade secrets and even intimate details about your sexual orientation. People seek privacy to protect themselves from oppressive governments, thieves, abusive partners, bullies or simply because they enjoy the freedom it provides in an increasingly exposed world.
All this information is kept secret thanks to one crucial core technology: encryption.
Encryption is the cybersecurity technology that keeps your electronic devices and online accounts safe. It prevents anyone from accessing information you want to keep private. It’s the only thing that makes the internet or an electronic device a safe place to store your personal information. Without it, anyone could read your private chats, access your online banking, see your online purchases, read your emails and access everything you’ve ever done online.
But encryption technology is under threat in Canada.
For years, authorities in the “Five Eyes” nations, which include Canada, the United States, New Zealand, Australia and the United Kingdom, have quietly been exploring ways to erode encryption protections in the name of public safety.
The argument goes like this: terrorists and child molesters (they always use these examples) use encrypted technology to commit their crimes. Therefore, companies that make encrypted products, like Apple or Facebook, should stop encrypting their products or create backdoors that law enforcement can use to investigate these crimes.
The problem is that it’s just not possible to weaken encryption for law enforcement without also weakening encryption for malicious hackers or oppressive regimes. Any added vulnerability to encryption can and will be found and exploited by hackers of all types, given enough time.
Even today, without legislated backdoors to encryption, we see hackers sometimes gaining access to encrypted environments. That’s how the FBI was able to access the iPhone of the San Bernardino shooter back in 2016.
If companies were forced to stop using encryption, or weaken it, all our electronic devices and online accounts would become significantly more vulnerable to hackers and oppressive governments.
What’s most concerning is that these rising attacks on encryption are not just words. Australia has already taken a dangerous step by passing a bill that allows government authorities to force companies to secretly insert encryption backdoors and implant malware into their products for law enforcement to gain access.
The U.K.’s intelligence agency, GCHQ, has proposed a plan to break into encrypted chats, which has been condemned by civil society organizations and tech companies like Apple and WhatsApp. The proposal, called “ghost protocol,” would require service providers to secretly insert government agents into private conversations.
In the U.S., President Donald Trump and U.S. Attorney-General William Barr have repeatedly made calls for legislation that prohibits companies like Apple or Facebook from using encryption technology that law enforcement cannot access.
And while Canada has taken a more measured approach in previous years, the government changed its tune last year when it signed a joint communique with other “Five Eyes” nations calling on tech companies to grant the government access to encrypted communications.
If Canada follows in the footsteps of its “Five Eyes” allies in Australia, the U.S. and the U.K., we could see the end of meaningful privacy in Canada. Not only would government agencies have full access to our private chats, but so would any number of thieves, hackers and even foreign governments.
Real, strong, backdoor-free encryption remains the only viable backbone of our cybersecurity. If you believe we should keep our information safe, message Public Safety Minister Bill Blair and call on him to permanently entrench the right to safe encryption in Canadian law.
Rodrigo Samayoa is a digital campaigner at OpenMedia.
Image: Christiaan Colen/Flickr