I do not like these framings of "not a" because it always sounds so suspicious like "we are not a cult".
It puts the idea into the world that it could be a crime and maybe that it is the status quo.
Much better IMHO is something like "Encryption is a fundamental right.", "Encryption protects everyone.", "Without encryption there is no democracy." and so on.
Maybe "Don’t let them take your right to privacy."
I don’t understand this. If you live in the US and use a service like ProtonMail, has a crime been committed? Are there any examples here in the US or anywhere else of arrests/prosecutions being made over encryption? I’ve never heard of any??
Also, I've heard it said that people have a tendency to subconsciously flush "not" and remember that sort of statement as "encryption is a crime". It is slightly better to put things positively (eg, "Encryption is the reasonable default").
It makes sense in this context, as it operates on the idea that it could be a crime: "Contrary to what some policymakers seem to believe, whether naively or maliciously, encryption is not a crime."
Claiming a right is not the same as exercising the right, though typically the claim precedes the exercise. Also, are you suggesting you don't have the right to use encrypted communications? (assuming you're not in France, where the "right" to encrypted communications has never been explicitly recognized.)
I think you also have to delete the original information before it becomes a crime. Though monkeying around on someone elses' machine(s) without permission is criminal behaviour in most jurisdictions I've looked at.
Not all speech is non-criminal, at least in the US. Inciting speech has always been subject to prior-restraint and fraudulent commercial speech has always subjected the speaker to legal peril.
> I wish Americans still believed in American freedoms
I wish people understood the American system at a philosophical level. What you call "American freedoms" are largely based off of negative rights, i.e. John Locke. Our bill of rights use specific language like "Congress shall make no law", "shall not be infringed", "shall not be violated". It's inherently freedom from state action.
Over the past 100 years a different interpretation of rights has emerged, so called positive rights as exemplified in FDRs second bill of rights; e.g. "the right to a good education" or "the right to earn enough to provide adequate food and clothing and recreation". This requires state action to facilitate freedoms for its citizens.
Unfortunately these systems are incompatible. I think a lot of the friction we are seeing in modern times can partially be traced to this contradiction.
I'm not sure the US population ever really believed in fundamental freedoms.
They had an apartheid up to 60 years ago. There are living people from that time, and you can't believe in any human right and have an apartheid at the same time.
This is too many words to convince someone who already doesn’t believe this.
Put more simply: the modern internet doesn’t work without encryption, it is a fundamental part of the technology. Without it, anyone could log into any of your accounts, take your money, messages, photos, anything.
>Put more simply: the modern internet doesn’t work without encryption, it is a fundamental part of the technology. Without it, anyone could log into any of your accounts, take your money, messages, photos, anything.
I'm pretty pro encryption, but even this is pretty dishonest. Phones (ie. PSTN, not iPhones) aren't "encrypted" by any means, but there's plenty of sensitive information sent over it. Lawyers fax each other important documents, and doctors fax each other medical recorcds. There was (is?) even telephone banking where you could do basic transactions over the phone. Even today, some banks/brokerages require you to phone in to do certain high risk operations (eg. high value transfers or account resets). All of this happens without encryption. While that's less security that I'd like, it's safe to say that "anyone could log into any of your accounts, take your money, messages, photos, anything" isn't true either.
I’m not saying every layer of the onion is individually encrypted. But there are plenty of layers that are.
There is plenty of encryption used when you send any sort of message from an iPhone, even SMS. You can’t even turn the dang thing on and unlock it without encryption. Then when you send it, it’ll be encrypted by the radio before transmission. Then in transit it may or may not be encrypted at various points.
And POTS is not the internet.
My overall point is that encryption is used all of the time when people use the internet for routine tasks that they expect to work, and would not work in a modern reasonable way without it.
People use these technical implementations details to muddy the water of this conversation and demonize encryption, when the reality is that everyone uses it literally all the time for almost everything.
Allowance for using faxes to send protected health information (PHI) as defined under HIPAA was essentially grandfathered in for practical reasons, not because it is at all a secure enough communications system for sensitive data. If faxing medical records had been banned then the healthcare system would have come to a halt, which would have been worse then the privacy risk. But if fax was invented as something new today it would never be allowed for PHI.
It's only recently that more secure alternatives to faxing have become practical, like DirectTrust Secure Direct Messaging.
1. How often are people saying their bank login on their phone calls?
2. Is there a way for phone call man in the middlers to get that info without wasting a ton of time listening to calls? With internet MITM it is very easy to set up a program that scrapes unencrypted login info.
That’s exactly the pedantry that muddies the water and confuses people on this issue. Colloquially, it is a distinction without a difference. The internet as normal people know it does not work without encryption.
End-to-encryption is a good thing, and so is this website providing information about how to use it.
But this particular article represents a particular pathology surrounding freedom. Freedom is supposed to be about doing what you want. It's not about making florid speeches about how free you supposedly are. If you want to use end-to-end encryption, just use it, and maybe offer advice to others on how to use it.
There are some politicians who have decided that only bad people use encryption. Going up to one of these politicians and trying to explain that you use encryption but you're actually a good person won't convince them that encryption's okay, it'll just convince them that you're a bad person. Politics is one of those things that attracts people who just want to find the shortest route to a decision about who are the good people and who are the bad people, and keeping secrets isn't something that those sorts of people like other people doing.
Unless you have evidence that the government is rounding up people just for using encryption, all this sort of advocacy does is to draw attention to you having something to hide, and therefore probably being some sort of wrong'un. If the government is rounding up people for using encryption, that's a specific threat you need to respond to, and starting a public campaign is not the right response.
>You should engage with the arguments the other side makes.
The arguments are "Protect the children.", "Catch terrorists.", "Catch criminals.".
Those arguments have been engaged with for decades. They are purely emotional arguments. Anyone who still pushes those arguments forth is most likely doing so with ulterior motives and cannot be reasonably "engaged" with.
For what its worth the anti-encryption/anti-privacy laws have caught terrorists in the UK. My company provides data storage for their dragnet and handles various requests and Ive seen first hand 4 different instances where the UK gov watching everyones internet activity led to terrorists being caught.
Let's not ignore the full history here. That is a bad faith argument. It was a crime to use expensive encryption 30 years ago, but a lot of decisions were made to allow it. Today, every single one of those old caveats about child porn, drugs, money laundering, terrorism, (both domestic and international) and criminal acts in general all have stories where weaker encryption would have saved hundreds and hundreds of lives. We have to recognize this or we're just arguing past each other.
>> You should engage with the arguments the other side makes.
> The arguments are "Protect the children.", "Catch terrorists.", "Catch criminals.".
> Those arguments have been engaged with for decades. They are purely emotional arguments. Anyone who still pushes those arguments forth is most likely doing so with ulterior motives and cannot be reasonably "engaged" with.
Oh come on. Why do you think a "purely emotional arguments" are illegitimate? Are you some galaxy brain, coldly observing humanity from some ivory tower constructed of pure software?
Nearly all positions people take are, at their core, "emotional." And the disagreements that result in "arguments" are often really about differing values and priorities. You might value your "freedom" more than anything and are willing to tolerate a lot of bad stuff to preserve strong encryption, some other guy might be so bothered by child sexual abuse that he wants to give it no encrypted corner to hide in. You're both being emotional.
> Clearly the pressure on government to write these laws is coming from somewhere
Software surveillance vendors.
> Chat control: EU Ombudsman criticises revolving door between Europol and chat control tech lobbyist Thorn
> Breyer welcomes the outcome: “When a former Europol employee sells their internal knowledge and contacts for the purpose of lobbying personally known EU Commission staff, this is exactly what must be prevented. Since the revelation of ‘Chatcontrol-Gate,’ we know that the EU’s chat control proposal is ultimately a product of lobbying by an international surveillance-industrial complex. To ensure this never happens again, the surveillance lobbying swamp must be drained.”
The problem is LEOs (and associated industry) claiming that enforcement is impossible without the ability to obtain cleartext.
This is a lie: obtaining cleartext just makes enforcement vastly easier and more scalable. If crims have encrypted mobile phones, you can still point a microphone at them.
Honestly, I had always assumed LEO wanted access to decrypted message content so they could sell it to advertisers. I mean sure, you could catch a criminal or two, but with all that non-criminal data, just imagine how much off-the-books revenue you could accrue by selling it to the AdWords guys.
The other side being, for instance, the surveillance lobby that pushes for chat control laws in the EU? The "arguments the other side makes" are pretty clear at this point, and nothing to do with the "think about the kids" really, not sure engaging with them is the point.
> Something is a crime if society determines that it should be so. Nothing more.
According to The New Oxford Companion to Law, the term crime does not, in modern criminal law, have any simple and universally accepted definition.
Society also determined it was ok to use a firehose on black people, so I think the best we can say is that the term Crime has nothing to do with Morality, and people who conflate the two need to be looked at with suspicion.
> You should engage with the arguments the other side makes.
I don't. I think most arguments about crime require one-side to act in bad-faith. After all: The author doesn't actually mean that Encryption isn't illegal in some jurisdictions, they mean that it shouldn't be. You know this. I know this. And yet you really think someone needs your tautological definition of crime? I don't believe you.
The arguments are mostly that they dislike what can be accomplished via math. “The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia” isn't exactly an 'argument' so much as an insistence.
The article does address the flaws in some of their arguments (encryption inconveniences law enforcement, think of the children) by pointing out that the average person and children are kept save from criminal elements by encryption.
The arguments from the other side are of the "think of the children" and "tough on crime" variety. They are purely emotional and if you try to dispute them they just respond with "so you don't care about children?". It's like trying to argue with a religious person on matters of faith, you're just not very likely to convince them.
If we had trustworthy governments, or trustworthy police agencies, then maybe mandated backdoors wouldn't be all that bad. But if anything, recent events that clearly demonstrated that governments are not trustworthy, even if one is trustworthy today it couldn't become an evil regime tomorrow, and handing all your power over literally anything to such an organization does not seem wise.
It doesn't seem like trustworthy governments is the issue. You can't have backdoors period because they'll be leaked / discovered and used by bad actors.
That too. But even if the government was perfect and trustworthy and free of leaks, that can still all go out the window as soon as a less trustworthy government is elected.
I have yet to see a case against someone that hinged on some data that was encrypted. Almost every tale from some cell needing to be cracked has ended in a fart because they got the information anyway using old-fashioned police investigation.
We went from Patriot Act to literally disappearing people without due process in only 23 years. Imagine if they could also decrypt your phone and plant evidence in advance.
Even if you trust someone with your life and you know this person is never going to betray you and will always have your best interests at heart, that doesn't mean that they automatically get a free pass to view and inspect everything I do every minute of every day until I die.
Unfortunately, that is what these governments want.
And also apply it equally to ecommerce and homebanking.
Lets see how happy the voters are when they have to start walking to their Bank again every week, can't order their latest temu toxic waste product anymore and their GDP drops in half.
The same people who want to make encryption a crime (like Trump 45[0]) are using signal to discuss sensitive information without an audit trail. It's absolutely rules for thee.
Same with Chat Control. LEO and EU Mps would be exempted from being surveilled because their lives and communications need to be private since they are very important but yours, god no!
And people wonder why democracy is out of style. With democrats such as these, you don't need tyrants.
The problem is the average person doesn't care very much or understand it.
If you ask anyone if privacy matters they will of course say yes. If you ask them why they use software with telemetry or websites with Google Analytics they will simply shrug.
If you ask them if it's alright for the NSA to collect and analyze data from everyone they will say yes and they have nothing to hide.
People don't know what privacy is. They don't know what they are fighting for or where the fight is taking place.
If you take that and then add encryption to the mix... and you have politicians and agency plants talking about "saving the children from online pedos" by banning these "encryption apps and technology"....
You nailed the problem. Privacy is the tension between freedom and overwatch. Perfect privacy would yield zero justice, while zero privacy yields big brother/1984 overwatch. A healthy balance must exist for society to thrive.
"Secrecy of correspondence" is a longstanding legal principle in many countries (e.g. in Germany since the unification in 1871, in the US there was a supreme court ruling in 1877)
The only way to guarantee secrecy is through encryption, preferably e2e.
It’s honestly annoying how often experts speak up about this, and still nothing changes. We’re stuck in the same cycle—fear gets in the way, and in the end, it’s our privacy and security that suffer. If anything, this should be a sign to invest in stronger encryption and better law enforcement tactics that don’t mess with the tools keeping us safe online.
Readit News
It puts the idea into the world that it could be a crime and maybe that it is the status quo.
Much better IMHO is something like "Encryption is a fundamental right.", "Encryption protects everyone.", "Without encryption there is no democracy." and so on.
Maybe "Don’t let them take your right to privacy."
I can imagine Iran has some effort to discourage use of VPNs, though of course everyone does.
I thought China simply made it easy to stay within the Great Firewall, and moderately difficult to get out.
Encryption is free association and free speech. Talking to someone about what I like without eavesdroppers
Transitioning gender is also free speech, freedom of expression. Presenting how I like and not how some wannabe king wants me to
Yeah, as someone who's viewed America from the outside for decades tragically it's no longer the country I once knew.
I wish people understood the American system at a philosophical level. What you call "American freedoms" are largely based off of negative rights, i.e. John Locke. Our bill of rights use specific language like "Congress shall make no law", "shall not be infringed", "shall not be violated". It's inherently freedom from state action.
Over the past 100 years a different interpretation of rights has emerged, so called positive rights as exemplified in FDRs second bill of rights; e.g. "the right to a good education" or "the right to earn enough to provide adequate food and clothing and recreation". This requires state action to facilitate freedoms for its citizens.
Unfortunately these systems are incompatible. I think a lot of the friction we are seeing in modern times can partially be traced to this contradiction.
They had an apartheid up to 60 years ago. There are living people from that time, and you can't believe in any human right and have an apartheid at the same time.
Is a legal requirement for others to affirm this expression also "free speech?"
Put more simply: the modern internet doesn’t work without encryption, it is a fundamental part of the technology. Without it, anyone could log into any of your accounts, take your money, messages, photos, anything.
I'm pretty pro encryption, but even this is pretty dishonest. Phones (ie. PSTN, not iPhones) aren't "encrypted" by any means, but there's plenty of sensitive information sent over it. Lawyers fax each other important documents, and doctors fax each other medical recorcds. There was (is?) even telephone banking where you could do basic transactions over the phone. Even today, some banks/brokerages require you to phone in to do certain high risk operations (eg. high value transfers or account resets). All of this happens without encryption. While that's less security that I'd like, it's safe to say that "anyone could log into any of your accounts, take your money, messages, photos, anything" isn't true either.
There is plenty of encryption used when you send any sort of message from an iPhone, even SMS. You can’t even turn the dang thing on and unlock it without encryption. Then when you send it, it’ll be encrypted by the radio before transmission. Then in transit it may or may not be encrypted at various points.
And POTS is not the internet.
My overall point is that encryption is used all of the time when people use the internet for routine tasks that they expect to work, and would not work in a modern reasonable way without it.
People use these technical implementations details to muddy the water of this conversation and demonize encryption, when the reality is that everyone uses it literally all the time for almost everything.
It's only recently that more secure alternatives to faxing have become practical, like DirectTrust Secure Direct Messaging.
2. Is there a way for phone call man in the middlers to get that info without wasting a ton of time listening to calls? With internet MITM it is very easy to set up a program that scrapes unencrypted login info.
being pandantic that should read - the modern usage of the internet..
the internet does work ok without encryption, has it has done from a long time ago
But this particular article represents a particular pathology surrounding freedom. Freedom is supposed to be about doing what you want. It's not about making florid speeches about how free you supposedly are. If you want to use end-to-end encryption, just use it, and maybe offer advice to others on how to use it.
There are some politicians who have decided that only bad people use encryption. Going up to one of these politicians and trying to explain that you use encryption but you're actually a good person won't convince them that encryption's okay, it'll just convince them that you're a bad person. Politics is one of those things that attracts people who just want to find the shortest route to a decision about who are the good people and who are the bad people, and keeping secrets isn't something that those sorts of people like other people doing.
Unless you have evidence that the government is rounding up people just for using encryption, all this sort of advocacy does is to draw attention to you having something to hide, and therefore probably being some sort of wrong'un. If the government is rounding up people for using encryption, that's a specific threat you need to respond to, and starting a public campaign is not the right response.
Clearly the pressure on government to write these laws is coming from somewhere. You should engage with the arguments the other side makes.
The arguments are "Protect the children.", "Catch terrorists.", "Catch criminals.".
Those arguments have been engaged with for decades. They are purely emotional arguments. Anyone who still pushes those arguments forth is most likely doing so with ulterior motives and cannot be reasonably "engaged" with.
https://fedsoc.org/commentary/publications/encryption-techno...
> The arguments are "Protect the children.", "Catch terrorists.", "Catch criminals.".
> Those arguments have been engaged with for decades. They are purely emotional arguments. Anyone who still pushes those arguments forth is most likely doing so with ulterior motives and cannot be reasonably "engaged" with.
Oh come on. Why do you think a "purely emotional arguments" are illegitimate? Are you some galaxy brain, coldly observing humanity from some ivory tower constructed of pure software?
Nearly all positions people take are, at their core, "emotional." And the disagreements that result in "arguments" are often really about differing values and priorities. You might value your "freedom" more than anything and are willing to tolerate a lot of bad stuff to preserve strong encryption, some other guy might be so bothered by child sexual abuse that he wants to give it no encrypted corner to hide in. You're both being emotional.
Software surveillance vendors.
> Chat control: EU Ombudsman criticises revolving door between Europol and chat control tech lobbyist Thorn
> Breyer welcomes the outcome: “When a former Europol employee sells their internal knowledge and contacts for the purpose of lobbying personally known EU Commission staff, this is exactly what must be prevented. Since the revelation of ‘Chatcontrol-Gate,’ we know that the EU’s chat control proposal is ultimately a product of lobbying by an international surveillance-industrial complex. To ensure this never happens again, the surveillance lobbying swamp must be drained.”
https://www.patrick-breyer.de/en/chat-control-eu-ombudsman-c...
This is a lie: obtaining cleartext just makes enforcement vastly easier and more scalable. If crims have encrypted mobile phones, you can still point a microphone at them.
Scalability is the big issue.
According to The New Oxford Companion to Law, the term crime does not, in modern criminal law, have any simple and universally accepted definition.
Society also determined it was ok to use a firehose on black people, so I think the best we can say is that the term Crime has nothing to do with Morality, and people who conflate the two need to be looked at with suspicion.
> You should engage with the arguments the other side makes.
I don't. I think most arguments about crime require one-side to act in bad-faith. After all: The author doesn't actually mean that Encryption isn't illegal in some jurisdictions, they mean that it shouldn't be. You know this. I know this. And yet you really think someone needs your tautological definition of crime? I don't believe you.
The article does address the flaws in some of their arguments (encryption inconveniences law enforcement, think of the children) by pointing out that the average person and children are kept save from criminal elements by encryption.
*edited to add "on matters of faith"
https://www.youtube.com/watch?v=VPBH1eW28mo
We went from Patriot Act to literally disappearing people without due process in only 23 years. Imagine if they could also decrypt your phone and plant evidence in advance.
https://www.telegraph.co.uk/technology/2021/05/23/meet-man-b...
Even if you trust someone with your life and you know this person is never going to betray you and will always have your best interests at heart, that doesn't mean that they automatically get a free pass to view and inspect everything I do every minute of every day until I die.
Unfortunately, that is what these governments want.
If we want to play in a world with full transparency, let's start with the politicians!
Lets see how happy the voters are when they have to start walking to their Bank again every week, can't order their latest temu toxic waste product anymore and their GDP drops in half.
/s
Also 's/pedo/terrorist/', or {russian|chinese|iranian|north korean} spy or any "bad guy of the day".
0 - https://www.politico.com/story/2019/06/27/trump-officials-we...
And people wonder why democracy is out of style. With democrats such as these, you don't need tyrants.
If you ask anyone if privacy matters they will of course say yes. If you ask them why they use software with telemetry or websites with Google Analytics they will simply shrug.
If you ask them if it's alright for the NSA to collect and analyze data from everyone they will say yes and they have nothing to hide.
People don't know what privacy is. They don't know what they are fighting for or where the fight is taking place.
If you take that and then add encryption to the mix... and you have politicians and agency plants talking about "saving the children from online pedos" by banning these "encryption apps and technology"....
You nailed the problem. Privacy is the tension between freedom and overwatch. Perfect privacy would yield zero justice, while zero privacy yields big brother/1984 overwatch. A healthy balance must exist for society to thrive.
The only way to guarantee secrecy is through encryption, preferably e2e.