Do They Create More Concerns Than Good?
Written by Peggy Keene
As technology continues to become increasingly intertwined with a citizen’s daily life, companies continue to push to buy, sell, transfer, and collect personal information. Today, analytics and information on a consumer is king, and as such, more and more companies push to have access to such data, and with that access, governments and law enforcement agencies have increasingly looked to gain access as well, through encryption backdoors.
Balancing User Privacy, Targeted Advertising, and Encryption
Security experts and privacy law proponents have long touted privacy concerns about unintended access or data breaches. With each new year, company privacy policies or government legislation has been rolled out to strike a balance between affording any user a meaningful level of protection without completely denying access to the wealth of personal data collected on consumers. But while companies often claim that their collection of analytics is at an aggregate level or that any data they do collect is used to curate the experience of a user through targeted advertising, it still stands that the overall wealth of information collected about users has been increasingly pursued by a number of third parties that often now include government agencies and/or foreign powers.
And as such, while privacy experts have seen a sharp increase in the demand for stronger encryption, there has been a correlating demand for easier access to such data in the form of encryption backdoors.
An encryption backdoor is generally defined as a deliberate weakness created by the service provider to allow for easy access to the encrypted data. In this case, the backdoor would be purposely coded to allow for the requesting party, often law enforcement or government agencies in most cases, to have access to encrypted data that may exist on one’s personal devices like laptops or cellphones.
The Resistance Against Backdoors
Many governments and law enforcement agencies have made strong cases for how encryption backdoors can prevent terrorist acts or allow for meaningful intervention by law enforcement agencies. However, privacy experts often warn that encryption backdoors can still have the opposite effect if the weaknesses end up being exploited by foreign hackers or even terrorist cells.
As a result, many high-profile companies have stated that the risk of including an encryption backdoor is too high, and as such, have instead moved to strengthen end-to-end encryption in products, which basically renders communications inaccessible to the provider altogether.
Key Takeaways on the
Use of Encryption Backdoors
As personal information has become king, there has been increased pressure for service providers to incorporate encryption backdoors for easy access by governments and/or law enforcement agencies. The response for such calls has been divided, which has ultimately resulted in:
stronger end-to-end encryption by resistant companies;
compliance by some companies that have strong relationships with the requesting agency or government; and
an increase in hacking attempts and data breaches as it relates to encrypted data. TBJ
PEGGY KEENE is an associate of Chamblee Ryan and of counsel to Klemchuk. Her practice focuses on intellectual property and internet law, insurance litigation, and data privacy. She has also served as in-house counsel in the telecommunications industry.