I suspect that as usual, congressmen will grant themselves exceptions. I absolutely agree that banning or attempting to control encryption will not prevent the bad guys from using it, and will only prevent law-abiding citizens using it to protect themselves and their data.
That's easy to solve though. They could easily write exceptions to any anti-encryption bill for public orgs who have access to sensitive information (police, politicians, etc). In fact, I would be shocked if they didn't make exceptions for certain parts of the government.
And why would lawmakers be intimidated by encryption? They could just force you to decrypt whenever one of those agencies asks for it and punish you with lengthy jail terms if you refuse.
I do not believe (and have not said) that Congress will outlaw encryption. As you said, the genie is out. However, they can, and eventually will, restrict technology companies from providing high-quality, turn-key, encryption solutions on consumer devices. This is what Barr is building up to. Individual users will be free to implement custom encryption on top of said platforms.
I think all the legislations proposed have been for backdoored encryption, not a blanket ban on encryption, under the (probably extremely naive) assumption that encryption can be backdoored only for law enforcement use and nobody else would be capable of exploiting that.
I think the only way lawmakers will learn that weakening encryption is a terrible thing to do is if one country does it and their banking system gets crushed by it. Or something else as disastrous would have to happen for them to learn.
If they can justify to legislators being able to spy on all network traffic, they can probably also convince those same legislators that encryption is a tool only bad guys use to prevent justice being served.
There's a constant push, at least in the US, for regulation on encryption. It's gotten consistently shot down thus far, thankfully. But it's a never-ending battle. And one day people will most likely become complacent enough to let go and feel the liberty melt away.
Just like the last couple generations have gotten increasingly soft on our right to bear arms. They've been conditioned to believe that it's dangerous, and boomer-like, and no longer important.
Leaders are "special". These bans are for people like us, not for them. I'm sure everyone in the government will be using effective encryption. They just don't want the masses using it against them because then it's subversive.
i hope the boffins who mandated weaker encryption take notice of this. The congress members who supported the bill for weaker encryption should be personally DOSed.
There is nothing wrong with these people. Those in the power always want to have more power.
There will be no implications if encryption is banned. People have been using unencrypted wired phones and unencrypted bank cards for a long time and the world hasn't collapsed.
Also, there is no need to ban any encryption, client-server encryption protocols like HTTPS can stay, provided that the server would log all session keys for future lawful access.
You can't just ban encryption and expect it to magically go away. I don't think a suicide bomber will care too much if his encryption is illegal, while people with good intentions get to suffer the consequences.
Besides, how do they think this will play out with financial transactions? Government websites? Heck, any website that uses https? Stupid idea.
It really is amazing to me that anyone thinks it's reasonable policy to ban end-to-end encryption. For the sake of national security, I would want to strengthen the security of digital data, not weaken it.
I think it's time to stop cooking up technology solutions to political problems. It's a lazy hack and a distraction.
The counter-parties that encryption will supposedly neutralize are commercial entities doing monitoring for advertising (or other purposes) and government surveillance. Commercial entities have all sorts of ways to collect said information (ie. by compelling you to opt-in in exchange for services). The government has a long history of successfully breaching encryption when it's motivated to do so.
The solution is to leash these powerful entities with regulation. Elect Senators with the courage to curb the intelligence community -- it was done before after the excesses of the Vietnam Era.
reply