11 Jan 2019

Should tech companies provide governments with access to encrypted data?

Soon, technology companies will be compelled to provide governments with a decryption key

Recently, 5 governments asked internet companies to give officials back-door access to users’ online activities. The idea was to compel tech companies to provide a key to encrypted software so that no users’ software will be beyond the governments’ reach. From the governments’ point of view, those decryption keys are required to allow security officials to carry out each governments’ primary duty which is to protect its citizens.

The 5 governments which are known as the Five Eyes consist of the US, the UK, Canada, Australia and New Zealand. They have recently issued a memo to tech companies urging them to “create customised solutions, tailored to their individual system architectures that are capable of meeting lawful access requirements”.

Despite the confusion which surrounded the early internet days, where it seemed unclear whether governments’ traditional powers to regulate individuals’ activities extended to the online world, democratic governments are now certain of the obvious. There is no difference between the offline and online laws. The internet isn’t the “planet of the people” or the place where governments are not welcomed. It is in fact precisely the place where governments should base their protective activities. The internet is where citizens’ protection is needed the most nowadays.

The memo by the Five Eyes is a powerful statement that projects the serious intention of the 5 governments to get involved. They no longer wish to leave the internet unregulated and insecure. The online society is still a society consisting of people who require protection and it is likely that governments’ access to encrypted software, under the right circumstances and with the correct degree of scrutiny, will result in combatting serious criminal activities and particularly of terrorism.

What the governments are really after is the ability to track money laundering activities which end up sponsoring terrorism across the world and to have the ability to uncover planned terrorist attacks. It is likely however, that once in possession of decryption keys, governments will use the right of access to also tackle issues such as people trafficking and other criminal activities which are currently sheltered by internet and technology companies through encryption.

It is unknown how many of the internet and technology companies have already conceded to the request to provide decryption keys to new software. It is clear however, that the request for a voluntary co-operation is a signal to technology companies that the governments are thinking of new laws which would remove the choice from technology companies whether to assist or not. The real threat is that the power to act reasonably will be taken away from technology companies who will eventually be compelled by laws to provide those keys. European traditional favouritism of big state over free speech could provide the right space for relevant legislation to be enacted in a way that will effectively force US based companies to comply.

The real question is, should the normative internet or technology user be worried? The answer is that they probably shouldn’t. The governments are saying that they are intending to only access encrypted data following a thorough legal process.  This will involve the approval by a judge of any attempt to access internet users’ data. They want their officials to act within the law and for the law to be clear about when, how and who can access the encrypted information. They want, at the same time, not to be seen as attempting to over-regulate the internet hence, the starting point of a “polite request”.

Upcoming Events

May 2022

The Internet Law Leadership Summit 2022

14 May 2022  -  15 May 2022

The annual gathering of the most prominent internet law lawyers and attorneys from across the world

From 09:00 until 17:00

At Aria Hotel, Las Vegas

Find out more...

April 2020

The Data Protection Practitioners' Conference 2020

06 Apr 2020

The annual ICO conference with Information Commissioner, Elizabeth Denham CBE

From 08:30 until 17:00

At Manchester Central Convention Complex

Find out more...

    Do you ever need to take a screenshot as evidence of #harassment or of #defamation on the internet? If you do, make sure to read this excellent article where I give advice on the best way to take screenshot and preserve evidence using your mobile telephone https://www.dazeddigital.com/science-tech/article/56366/1/receipts-culture-has-gone-too-far

    Men who are falsely accused of rape and whose trial damaged their reputation can now remove refences to their trial from Google when their name is being searched https://www.internetlawcentre.co.uk/falsely-accused-of-rape

    Cops look at self after a businessman wrongly accused of raping law student who was motivated by the metoo movement https://mol.im/a/10914001

    Why are #footballers susceptible to #blackmail and extorsion?
    If you know a #PremierLeague footballer who is being blackmailed, you will also know that the experience they are going through is pretty sickening. Everything is at stake...Read more.

    Load More...