The government wants access to your encrypted messages — we must act now to defend our right to privacy
In the recent two decades, the rise of Big Tech has placed Americans under nearly constant surveillance. This is the elephant in every room of our lives. Our phones, computers, Alexa, the web and everything we do online, everywhere we go, is all being tracked. Our relationships, our purchases, our finances, our health issues, our politics, our religious beliefs, our diets — you name it. This data is monetized by commercial interests, stolen by hackers and often shared with governments.
America’s founders declared independence from Britain in 1776 in part to stop unwelcomed authorities from intruding into their private lives. While our privacy has been significantly eroded in today’s brave new digital world, there remains one last refuge. End-to-end encrypted messaging, offered by services like Signal, Telegram, iMessage and WhatsApp (either by default or via upgrades), is the final stronghold of personal privacy.
Collectively used by billions of people worldwide, encryption enables messages to be viewed solely by the sender and recipient, impossible for even the service providers to access. Private, encrypted messaging is critical across the board. It safeguards communications for journalists and their sources; doctors and their patients; government and military; banking; human rights activists; political dissidents; and ordinary citizens who wish to protect themselves against surveillance and data breaches.
All of us have aspects of our lives that we prefer to keep private. There are things you might confide to your spouse, doctor, lawyer or therapist that you would never want revealed to the world.
Even if most of us are not journalists, activists or political dissidents risking the wrath of government authorities, we still all benefit from the work those people do. It’s essential that we collectively protect their efforts and their ability to communicate safely in private.
Privacy is a human right, helping to ensure that individuals are free to express themselves, make decisions about their own lives, and live without fear of discrimination or persecution based on their identity or beliefs.
Now the U.S. and governments around the world are working overtime to conquer this final frontier of privacy. We are witnessing a global push to compel companies to monitor all user content, regardless of whether it is encrypted.
Bills introduced in the U.S., including the EARN IT Act and the STOP CSAM Act, would compel online platforms to identify and remove child exploitation images, whether they are shared publicly or privately. In the United Kingdom, the Online Safety Bill makes similar demands. In the European Union, a recently leaked memo revealed that several member nations endorse compromising encryption in order to combat child exploitation.
One impetus behind these bills is understandable. The National Center for Missing and Exploited Children received nearly 32 million reports of suspected child exploitation online in 2022. Notably, a 2019 investigation found that Facebook was responsible for more than 60 percent of global reports of child sexual abuse material.
In an effort to prevent these illegal images from circulating in private and encrypted messages, proponents of these bills propose implementing software that scans messages on devices like phones and computers prior to transmission. This is known as “client-side scanning.” In effect, this would mean that all messages sent by their billions of users would be scanned and monitored by tech companies — and therefore available for governments to acquire.
There is now significant pushback against this avalanche of legislation. On June 27, Apple became the latest major player to publicly oppose the U.K.’s Online Safety Bill, aligning with Meta (owner of WhatsApp), Signal and more than 80 civil society organizations, academics and experts (myself included) who signed an open letter objecting to the bill. The letter warns that the bill would “force the proactive scanning of private messages on end-to-end encrypted communication services, nullifying the purpose of end-to-end encryption as a result and compromising the privacy of all users.”
Apple has been on both sides of this issue. In 2016, Apple battled the FBI, refusing to unlock the iPhone of one of the San Bernardino, Calif., shooters due to concerns this would enable a “backdoor” to widespread privacy breaches. At the time, Apple CEO Tim Cook said, “I don’t believe that the tradeoff here is privacy versus national security. … We’re America. We should have both.” Fast-forward to 2021, when Apple unveiled its well-intentioned plan to mitigate child exploitation by scanning images shared on its users’ iPhones. A backlash by users and privacy advocates caused the company to reverse course.
Rather than sacrifice encryption to identify illegal activity, there are alternative approaches, such as enabling users to report malicious posts within an encrypted app. This combines effectively with traditional policing techniques. Law enforcement can then acquire search warrants to examine the devices of individuals suspected of criminal activity.
The scanning technology that would be mandated by these bills is often ineffective anyway. For instance, a 2022 report showed that CSAM scanners used by Google falsely accused two innocent fathers of sharing child pornography. Even after both men were exonerated, Google kept their accounts shut down.
In the U.S., there’s also a question of whether such legislation is even constitutional. Academics at Stanford addressed a letter to the Senate expressing concerns that compelled scanning could infringe upon the Fourth Amendment prohibition against unreasonable searches and seizures. There’s also the case of Bernstein v. the U.S. Department of State, which advanced the idea that encryption is a form of free speech, protected by the First Amendment.
All sides want to solve the problems of encryption. Yet essentially abolishing it via scanning systems creates far more problems than it solves. As we celebrate Independence Day here in the U.S. this week, we must maintain our independence from the prying eyes of governments and stand united against their efforts to eliminate the last stronghold of privacy we have.
Mark Weinstein is a world-renowned tech thought leader and privacy expert. He is the founder of the social network MeWe, which he left in July 2022, and is currently writing a book on the intersection of social media, mental health, privacy, civil discourse and democracy.
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.