When the Paris attacks occurred, “security” agencies on both sides of the Atlantic jumped into the media spotlight to declare that encryption had helped the terrorist planning remain secret. Their spokespeople in the media (see NYTimes, etc…) were quick to jump in making unfounded claims based on secret sources. As time went on these early stories were retracted, or as the case of the NYTimes, simply pulled without comment.
Then a text was found on a terrorist’s phone in clear text. The tech privacy/security community was quick to jump out with their own claims that the terrorists did not use encryption.
Both sides are wrong and both of their arguments are red herrings, they both do a dis-service to those they claim to represent.
Let’s start with the privacy advocates’ arguments. All that we know is that the terrorists sent at least one message unencrypted, we do not know anything of the (probably many) messages sent previously. To focus on the fact that they did not use encryption (when logic tells us that they probably did) makes it seem that if they had used encryption then it would be alright to call for governmental back doors to its use. Refusing to enter the sty with the 3 letter agencies would have been the better course, for when it is eventually proven that the terrorists did in fact use encryption for some communications, the argument is lost.
The NSA/GCHQ/FBI arguments for back doors is based on a false dilemma. When these agencies make claims that terrorists used encryption the correct response is not “did not”, but instead “so what!”. So what if they did use encryption? That does not lead to the conclusion that no one else can use secure communications. Without privacy there can be no freedom, each is contingent upon the other. These terrorists traveled by train, should we make travel by train illegal? These terrorists had passports, they could not have accomplished their deed without these passports, should we outlaw passports? This is preposterous, it is as preposterous as the claims that secure communications should be banned because the terrorists used it.
I have a right to secure communication and privacy. If I choose to encrypt the data on my phone, my tablet, my computer; then that is my choice [edit: same as whether I choose to lock my house and car]. The government does not have a right to a back door to that data [nor keys to my house]. The privacy advocates argue that any governmental back door could be exploited by bad actors and should therefore not be mandated. I would take a different tack, and argue that the government has no right or authority to demand a back door, even if it could be proven that others could not exploit it. It is my nature endowed right to privacy to have my data secured and my communications private, period.
I recommend Wickr for secure communications. Wickr is encrypted messaging and is available for Windows, Linux, OSX, Android, and iOS. It is easy to use and free for personal use. You can message me at user “foggytown”