By Boris Lubarsky
|Photo: Boris Lubarsky|
On October 5, 2016 Edward Snowden participated in his second roundtable discussion at Georgetown University via Skype, from asylum in Moscow. Snowden is currently living in Russia after he leaked classified information in 2013, disclosing the government’s ongoing surveillance programs that included surveillance on American citizens. He is wanted by the United States’ government for theft of government property and violation of the Espionage Act.
The event coincided with the recent release of Oliver Stone’s new film “Snowden” and was moderated by Kevin Bankston, Director of New America’s Open Technology Institute. At the roundtable, Snowden discussed the role of encryption and the myth of ‘going dark.’
Recently, the FBI has warned that the encryption of electronic communications has led to terrorist’s ‘going dark’ or communicating in a way the FBI cannot access or intercept. FBI director James Comey called for telecommunications companies to expand and build up their real-time intercept capabilities. Director Comey further advocated that companies should always be able to decrypt any information sent using their service. Presently, Congress has yet to enact legislation that would prohibit end-to-end encryption.
Similarly, agencies within the EU and UK have also called for a legislative ban on end-to-end encryption. Earlier this year the French and German interior ministers advocated that internet companies should be able to decrypt any communication on its service. If these proposals were enacted it would effectively outlaw end-to-end encryption. The United Kingdom has also pushed to ban end-to-end encryption, with Prime Minister Cameron speaking against it and during a debate in the House of Lords Baroness Shields made a similar argument. “There is an alarming movement towards end-to-end encrypted applications,” she said. “It is absolutely essential that these companies which understand and build those stacks of technology are able to decrypt that information and provide it to law enforcement in extremis.”
End-to-end encryption is a system of communicating in which only the communicating users can read the message. End-to-end encryption works by providing both sender and recipient with an encryption key – only this key can unlock the contents of the message. Before an email is transmitted it is encrypted by the sender using his key, then the encrypted email is sent to the internet service provider which delivers the email to the intended recipient. While encrypted, the email is effectively garbled white noise – even if it were intercepted it would be unintelligible. The recipient uses his copy of the encryption key to unlock the message and read its contents.
Snowden, however, painted a starkly different picture than those advocating against encryption. Specifically, Snowden noted that encryption is not an insurmountable obstacle for intelligence services or law enforcement. “Anyone that says that information is going dark because encryption exists isn’t telling the truth.” Snowden mentioned numerous ways to surmount encryption but focused a common age-old method: allow the target to decrypt the information for you.
For an illustrative example, Snowden pointed to the 2015 arrest of Ross Ulbricht, the convicted ringleader of the infamous Silk Road Marketplace, an online black market selling everything from drugs to murder for hire. On the day of Ulbricht’s arrest, the FBI followed him to a public library and waited for him to unlock his computer and begin using it. Then two agents posing as quarreling lovers had a loud fight to distract Ulbricht; as soon as he turned to look at the disturbance an agent snatched his laptop and inserted a flash drive to clone the data on the computer. Only then was Ulbricht informed of his arrest and presented with a warrant. Ulbricht’s computer was encrypted, but by using standard police techniques the FBI was able to access the information anyway.
Snowden noted that, traditionally, law enforcement had to physically surveil the individual subject of an investigation and from that evidence obtain a warrant that allowed a search or seizure; however, with electronic communications the government could instead conduct mass surveillance for the same cost. Snowden further proposed that “when [the government] can monitor a hundred times as many people with the same amount of money – it’s time to review the privacy settings with fresh eyes; because with that order of magnitude change it’s a good rule of thumb for a review.” The advent of cellular phones and computers has created exactly this exponential decrease in the cost of surveillance.
Snowden acknowledged that encryption will raise the cost of surveillance worldwide, however this increase in cost means that “now they can’t do things in bulk and shifts from mass surveillance to individualized surveillance.” Snowden indicated that this individualized surveillance is exactly what law enforcement has traditionally done and strikes the correct balance between personal liberty and society safety.
Lastly, encryption is not just used by members of terrorist cells. Encryption provides law-abiding citizens a secure means to protect their data against criminals and hackers. The European Union Agency for Information and Security has supported encryption and come out strongly against back doors that would jeopardize end-to-end encryption. Technology companies such as Apple, Google, Facebook, and Microsoft all similarly support encryption and resist weakening that encryption with back door access.