Klemchuk

View Original

What Is an Encryption Backdoor?

Encryption Backdoors: Do They Create More Concerns Than Good?

As technology continues to become increasingly intertwined with a citizen’s daily life, companies continue to push to buy, sell, transfer, and collect personal information.  Today, analytics and information on a consumer is king, and as such, more and more companies push to have access to such data, and with that access, governments and law enforcement agencies have increasingly looked to gain access as well, through encryption backdoors.

Balancing User Privacy, Targeted Advertising, and Encryption Backdoors

Security experts and privacy law proponents have long touted privacy concerns about unintended access or data breaches.  With each new year, company privacy policies or governmental legislation has been rolled out to strike a balance between affording any user a meaningful level of protection without completely denying access to the wealth of personal data collected on consumers.  But while companies often claim that their collection of analytics is at an aggregate level or that any data they do collect is used to curtail the experience of a user through targeted advertising, it still stands that the overall wealth of information collected about users has been increasingly pursued by a number of third parties that often now include government agencies and/or foreign powers.

And as such, while privacy experts have seen a sharp increase in the demand for stronger encryption, there has been a correlating demand for easier access to such data in the form of encryption backdoors.  

An encryption backdoor is generally defined as a deliberate weakness created by the service provider to allow for easy access to the encrypted data.  In this case, the backdoor would be purposely coded in to allow for the requesting party, often law enforcement or government agencies in most cases, to have access to encrypted data that may exist on one’s personal devices like laptops or cell phones.  

The Resistance Against Backdoors

Many governments and law enforcement agencies have made strong cases for how encryption backdoors can prevent terrorist acts or allow for meaningful intervention by law enforcement agencies. However, privacy experts often warn that encryption backdoors can still have the opposite effect if the weaknesses end up being exploited by foreign hackers or even terrorist cells.

As a result, many high-profile companies have stated that the risk of including an encryption backdoor is too high, and as such, have instead moved to strengthen end-to end encryption in products, which basically renders communications inaccessible to the provider altogether.

Key Takeaways on the Use of Encryption Backdoors

As personal information has become king, there has been increased pressure for service providers to incorporate encryption backdoors for easy access by governments and/or law enforcement agencies.  The response for such calls has been divided which has ultimately resulted in:

  • stronger end-to-end encryption by resistant companies;

  • compliance by some companies that have strong relationships with the requesting agency or government; and

  • an increase in hacking attempts and data breaches as it relates to encrypted data.

For more information on internet law, see our Internet Law & eCommerce Legal Services and Industry Focused Legal Solutions pages.


You may also be interested in:

See this gallery in the original post