With much of the country still under some form of lockdown due to COVID-19, communities are increasingly reliant upon the internet to stay connected. The coronavirus’ ability to relegate professional, political, and personal communications to the web underscores just how important end-to-end encryption has already become for internet privacy. During this unprecedented crisis, just like in times of peace and prosperity, watering down online consumer protection is a step in the wrong direction.
The concept of end-to-end encryption is simple; platforms or services that use the system employ complex software to ensure that only the sender and the receiver can access the information being sent. At present, many common messaging apps or video calling platforms offer end-to-end encryption, while the world’s largest social media platforms are in various stages of releasing their own form of encrypted protection.
End-to-end encryption provides consumers with the confidence that their most valuable information online will not be intercepted. In addition to personal correspondence, bank details, health records, and commercial secrets are just some of the private information entered and exchanged through encrypted connections. With consumers unable to carry out routine business in person, such as visiting the DMV, a wealth of private data is increasingly being funneled into online transactions during the COVID-19 pandemic.
Unsurprisingly, however, the ability to communicate online in private has drawn the ire of law enforcement, who are weary of malicious actors being able to coordinate in secret. For example, earlier this year Attorney General Bill Barr called on Apple to unlock two iPhones as part of the Pensacola terror investigation. The request is just the latest chapter in the DOJ’s battle with cellphone makers to get access to private encrypted data.
While Apple has so far refused to forego the integrity of its encryption, the push to poke loopholes into online privacy continues. The problem is not the DOJ’s investigation, but rather the precedent it would set. As Apple CEO Tim Cook noted in 2016, cracking encryption or installing a backdoor would effectively create a “master key.” With it, law enforcement would be able to access any number of devices.
Law enforcement agents already have a panoply of measures at their fingertips to access the private communications of suspected criminals and terrorists. From the now-infamous FISA warrants used to wiretap foreign spies to the routine subpoenas used to access historic phone records, investigators employ a variety of methods to track and prosecute criminals.
Moreover, creating a backdoor to encrypted services introduces a weak link in the system that could be exploited by countless third-party hackers. While would-be terrorists and criminals will simply shift their communications to new, yet-to-be cracked encryption services, everyday internet users will face a higher risk of having their data stolen. An effort to stop crime that results in an opportunity for even more crime seems like a futile move.
Efforts to weaken encryption protections now appear even more misjudged due to a rise in cybercrime during the COVID-19 pandemic. Organizations such as the World Health Organization have come under cyberattack in recent weeks, with hundreds of email passwords being stolen. Similarly, American and European officials have recently warned that hospitals and research institutions are increasingly coming under siege from hackers. According to the FBI, online crime has quadrupled since the beginning of the pandemic. In light of this cyber-crimewave, it seems that now is the time for more internet privacy protection, not less.
Internet users across America, and around the world, rely on end-to-end encryption for countless uses online. This reliance has only increased during the COVID-19 pandemic, as more consumers turn to online solutions. Weakening internet privacy protections to fight crime might benefit law enforcement, but it would introduce a new risk to law abiding consumers.