
Warrantless encryption is a first amendment issue - awinter-py
https://abe-winter.github.io/2019/12/12/warrantless-14.html
======
aazaa
> Even if he [AG Barr] makes that the law – and good luck ...

> You’d have to inspect every packet on the internet to make sure it wasn’t
> using strong encryption keys. You’d have to ban every kind of decentralized
> network.

> You’d essentially have to ban any communication that isn’t subject to
> automatic monitoring by the government. You would essentially have to ban
> privacy. You’d have to ban the open source movement.

Maybe not in this administration, but it's not even hard to think of scenarios
after that in which such actions would be taken in a heartbeat.

Anyone who witnessed the brainless panic after 9/11 with open eyes should
should viscerally feel that the civil rights that make the US the country that
is hang by a very delicate thread.

All of the things needed for such a program would be done in a bipartisan
manner, with members of Congress congratulating themselves for showing
responsibility. It would be done to protect the children. Or the oil. Or to
vanquish an Evil Empire. Or to stamp out terrorism. It would be done to
protect us from nuclear, biological, or cyber annihilation. And it would
happen to thunderous applause.

~~~
zelon88
I agree with you. There was a really good episode of Blue Bloods about this
issue. And the writers of Blue Bloods got it completely wrong. The problem is
they portrayed the pro-encryption side of the argument negatively, and didn't
do it any kind of justice. In the end the Police Commissioner guilted a tech
executive to lend him "an engineer" to unlock a smartphone containing
sensitive data.

That is how this argument is portrayed to the public. "Well if you aren't
hiding anything then you have nothing to worry about!"

It's funny because you can you can usually tell a non-tech-savvy person who
has had their identity compromised from a non-tech-savvy person who hasn't,
simply because they have a healthy dose of paranoia. I feel like if more of
society were trivially hacked (and embarrassed by it) that they would take the
issue more seriously. But by then it could be too late.

~~~
mindslight
Of course they got it "wrong". The writers aren't looking to challenge their
audience, but rather playing to preconceived notions of the centralizing
narrative. The struggle of the good guys stopping the bad criminals. If only
the good guys could have more power, they could be more effective!

It would be hard to create a more robust system of government propaganda than
primetime TV.

------
ben509
Encryption is a 2nd amendment issue. It's not a private expression, encryption
algorithms are armaments that have always been used as such in warfare, and
still are. And the Internet means that private citizens are routinely
defending their intellectual property, monetary assets and reputation from
organized crime and nation-state actors.

And we all get roped in to the tedious work of recognizing phishing emails,
changing passwords, using 2FA and patching software that makes it possible to
do business in the modern economy. When we fail to do so, our systems are then
owned and used to make war and attack others.

Hence, we are all part of "a well regulated* militia [that is] necessary to
the security of a free state."

* "well trained" in modern parlance

~~~
jliptzin
Exactly, yet the second amendment people are silent whenever one of their
representatives calls for forced backdoors.

~~~
LyndsySimon
This is absolutely not my experience.

ETA - as evidence, this exact argument on the largest gun forum on the Net:
[https://www.ar15.com/forums/general/Senior-officials-
conside...](https://www.ar15.com/forums/general/Senior-officials-considering-
end-to-end-encryption-ban/5-2234430/)

------
homonculus1
Assume a general ban on private encryption. This is _de facto_ equivalent to a
ban on transmitting random numbers also, since the two are indistinguishable
to the government. Messages can be obfuscated steganographically of course so
any kind of noisy data could potentially be an illegal message. Such a ban
would amount to a mandate that all speech be thoroughly comprehensible to the
government and without error.

The implications to liberty of such a policy are shocking. It is designed to
be useless enough so as not to actually solve the problems that supposedly
demand it, yet broad enough to be enforced against anybody selectively. A
perpetual lever of fear.

Barr's proposals applying to social media are merely a restricted case of this
scenario. Just like every other policy that purports to prevent
crime/pedophilia/mass shootings/terror by criminalizing possession or use of
tools, it is pure security theater which only binds people who are cooperative
enough in the first place not to evade it. We must cultivate a common cultural
recognition that these are tactics of control and not of protection.

~~~
mattrp
Agreed but what's happening is that governments are waking to the idea that
not only will communications over the wire be encrypted from platforms (such
as signal, dare I say whatsa--- no I can't, but you get the point), data at
rest will similarly be out of reach from platforms with technologies like zero
knowledge proofs and homomorphic encryption. There will come a day, baring any
tampering/legal obstacles where most companies simply won't be able to see the
underlying data unless the user grants permission for the use. Even then users
may not even need to grant permission to the entire object but elements of the
object to facilitate an answer -- i.e. instead of granting access to an entire
social security number, the system could simply ask via algorithm , do you
have a valid social security number and is it yours and the answer comes back
yes/no. To be quite honest, I don't see why governments couldn't join such a
system but I guess if given a preference, they'd prefer to coerce the
platforms rather than ask the users each and every time...just because that's
the easy way doesn't mean it's the right way.

------
rahuldottech
> People can operate their own encryption, either by operating their own
> server technology or sending encrypted blobs over FB.

> Encryption technology can hide content, but won’t hide the parties to a
> communication without a lot of extra work

These two statements alone are reason enough why the whole encryption debate
is pointless. The moment the government of a country makes it illegal for
chatting apps to use encryption, the criminals are just going to roll their
own crypto.

So it'll just end up taking away the privacy of regular citizens, and will
undoubtedly be used to violate their rights.

Furthermore, I'm 100% that if enceyption is outlawed, in the case of WhatsApp,
Facebook will just start analysing all your chats and using them for more
targetted ads. Yay.

~~~
giancarlostoro
If encryption is outlawed I'm burning all my credit cards and buying
everything cash. I am _not_ accessing my bank accounts without encryption.
Even if "only police get access to decrypt."

~~~
bippitybop0
This is a needlessly hyperbolic comment that illustrates the, at times,
silliness of this entire conversation even among technologists. EMV credit
cards are essentially off-the-shelf ISO/IEC 7816 smart cards and would not
function without encryption. Are you suggesting an encryption outlaw would
trickle all the way down to how a credit card functions? Do we stop using
Apple/Android Pay, both of which have several protocols in their inherent
functionality that require encryption? Online purchases are not the only
reason a credit card exists, but your position has widened from the
government's debate here on social media/consumer uses to "all private
encryption in the whole world," a typical webshit perspective. Banks have
regulatory requirements for encryption set by governments in question, so all
of the actions you'd take make absolutely zero sense even in the unlikely
event of encryption being outlawed. You might as well get Ron Rivest to sign a
jersey and burn it on TikTok.

"Outlawing encryption" is getting dangerously close to "coming for your guns,"
and it's amazing how even this audience doesn't sit down and go -- hm, is that
really likely despite appointed officials beating a hobby horse? -- with the
same fervor that a single word Mark Zuckerberg says before Congress gets 300
comments of suspicious and objective argument before the thread falls off the
front page. To the -4 gray I go! Censure me for my nonconformity!

Food for thought: "the government is in the pocket of special interests,
overturn Citizens United" and "the government just might outlaw encryption,
donate to EFF" are mutually exclusive positions. Those special interests want
and, occasionally, _need_ encryption. So. Maybe think a bit, because one
cannot believe both, and I'm wagering many here do.

~~~
ggggtez
Encrypted communication is essentially what allowed online banking and online
sales to finally take off and created Amazon and eBay, among other businesses
that could not have existed without it.

And outlawing encryption _is_ what politicians are talking about. They do so
all the time.

"The laws of mathematics are very commendable, but the only law that applies
in Australia is the law of Australia." \-- Prime Minister of Truth, AU

~~~
bigiain
Also the laws of Australia: It's becoming illegal to use cash for any
transaction over $10k.

The politicians are proposing to outlaw both encryption _and_ cash...

:sigh:

~~~
giancarlostoro
Yikes I had not even thought of that. How long till they install CT OS from
Watch Dogs? I mean really that game is now about to be a documentary of the
future. I hope not.

------
morisy
Agree with OP, but thought it was interesting how much the debate is being
shaped by the general sentiment shifting against big tech and how
unsympathetic major tech platforms have become in public policy discussions,
particularly around this subject.

Liked this rundown of all the forces lined up on the other side. Debate
doesn't seem to be driven by tech or really by policy, so much as pols trying
to cut down an industry a notch (particularly as that industry's lobbying has
largely been tone deaf):

[https://www.axios.com/distrust-of-tech-could-be-
encryptions-...](https://www.axios.com/distrust-of-tech-could-be-encryptions-
achilles-heel-8a02a6cb-8f20-4dc1-a2d5-f6c74c7a6f90.html)

~~~
kardos
It seems like a sort of "power vacuum" [1] situation. If the government
doesn't opt to take the power to read everyone's communications, FB & co will
take that power by layering on encryption to shut the government out, while
maintaining endpoint control such that they alone can extract message
plaintext. The "debate" is just whatever these two sides have come up with to
try and sell their preference to the public.

[1]
[https://en.wikipedia.org/wiki/Power_vacuum](https://en.wikipedia.org/wiki/Power_vacuum)

------
hwita
One important thing to keep in mind about users encrypting their own messages:
those encrypted messages will be impossible to discern from random bits.

This means if I send the message "f734fca50971f301786eaf0ee0de900f" there is
no way to tell if I'm breaking the law or not unless we also outlaw sending
random bits.

~~~
anon9001
Ah, you're right. We need to make sending out random bits a felony, that way
if we see anyone doing it, we know they're a criminal. Good catch.

------
vinniejames
I like this. Encryption is a shared language between two parties, that only
they can speak and understand.

Analogous would be the government saying no one is allowed to speak Chinese,
because the government doesn't understand Chinese

~~~
awinter-py
wittgenstein thinks private languages are impossible (though not illegal)

------
downerending
I think the phrase "warrantless encryption" should be outlawed. What is that
even supposed to mean?

~~~
ggggtez
I think they mean just "encryption". The argument is over whether facebook can
store encrypted messages. "Warrants" really have nothing to do with the
discussion, afaik.

------
GhettoMaestro
It is illegal to compel speech in the United States. Forcing specific software
implementations to cripple-ware the product is compelled speech. Full stop.

~~~
JadeNB
> Forcing specific software implementations to cripple-ware the product is
> compelled speech.

How is it so, in a way that complying with other warrants isn't? (I'm very
much not sympathetic to the government's assertion of its rights here, but I'm
not yet convinced by this argument against it.)

~~~
GhettoMaestro
Fair question.

Warrants are mostly pertaining to searches as I understand it.

I don’t think there is instances of warrants in the US that has resulted in
compelled speech?

To be clear gag orders and injunctions don’t count as compelled speech. That’s
an order of absence of speech.

------
rayiner
> You’d have to inspect every packet on the internet to make sure it wasn’t
> using strong encryption keys. You’d have to ban every kind of decentralized
> network.

Upfront bias: I’m against encryption backdoor. But the article is arguing
against a straw man. Nobody is proposing to ban encryption. (That would be a
first amendment issue.) They’re proposing to require companies to include
encryption back doors in commercial products. That doesn’t regulate speech, it
regulates the design of products.

“Speech” within the scope of the first amendment protects the communication of
a message or idea. That is broad, but the thing that is protected is the
communication of a message. Thus, the government cannot ban you from encrypted
speech. But it can certainly ban Apple from making iPhones that contain
encrypted communications features, for the same reason it can ban cars without
seatbelts. While code can be speech, in that context the code isn’t
communicating a message but rather _providing functionality._

------
rolph
i think the "warrentless encryption" alludes to encryption just because, and
not for transactions that must be secure.

encryption is another thing itself. it doesnt need to be RSA, or SHA256.

emogis and emoticons, are encryption :-D.

l3375p34k is encryption.

euphemisms are encryption [dont talk that way my dog is sick].

even binary code could be considered encryption !

