Donate
No keys under the doormat please Thumbnail
‹ Back
Encryption 12 August 2015

No keys under the doormat please

Christine Runnegar
By Christine RunnegarSenior Director, Internet Trust

The Internet technical and operational communities are coming out in strong support of the paper: Keys Under Doormats: Mandating insecurity by requiring government access to all data and communications (KEYS) which concludes:

“… This report’s analysis of law enforcement demands for exceptional access to private communications and data shows that such access will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend. The costs would be substantial, the damage to innovation severe, and the consequences to economic growth difficult to predict… “

You can download and read the KEYS paper here.

On 16 July 2015, the World Wide Web Consortium (W3C) Technical Architecture Group (TAG) issued a finding on End-to-End Encryption and the Web explaining why the TAG supports strong encryption. The TAG also goes on to say:

“As other technical experts have written in [KEYS], it is impossible to build systems that can securely support “exceptional access” capabilities without breaking the trust guarantees of the web platform. Introducing such capabilities imposes known risks that far outweigh any hypothetical benefits.”

Friday, the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) published a blog post expressing its support for the use of effective end-to-end encryption, and endorsing the recommendations in the KEYS paper.While acknowledging that end-to-end encryption tends to make the fight against botnets, malware, spam, viruses, DDoS attacks etc. more difficult, M3AAWG said:

“In spite of this, we consider protection of user content and meta-data to be of paramount importance. While we understand the reasons that “exceptional access” could be useful to law enforcement, we believe that it introduces unacceptable risks and that, on balance, business and the public are far better served by keeping secure, unbreakable cryptography available and widely deployed. We concur with the reasons in the experts’ paper.”

Last year, the Internet Architecture Board issued an IAB Statement on Internet Confidentiality stating that encryption should be the norm for Internet traffic, which was strongly supported by the Internet Society’s Board of Trustees.

Similarly, the TAG issued a finding on Securing the Web.

Like the IAB, the M3AAWG, and the W3C, the Internet Society recognizes that encryption, especially pervasive end-to-end encryption, raises practical challenges for law enforcement, network management, intrusion detection, spam prevention, etc. We are taking an active role in facilitating discussions with various communities on how to address these challenges.

For example:

  • The Internet Society is co-sponsoring a workshop with the IAB, GSM Association and AT&T on Managing Radio Networks in an Encrypted World (MaRNEW) Workshop (24-25 September 2015) in Atlanta
  • The Internet Society is organising a workshop at the Internet Governance Forum on Law enforcement in a world where encryption is ubiquitous (10-13 November 2015, date to be determined) in João Pessoa, Brazil.

Share your views with us!

How can law enforcement continue to do its job in a world where encrypted Internet traffic is the norm?

Let us know in the comments below!

‹ Back

Disclaimer: Viewpoints expressed in this post are those of the author and may or may not reflect official Internet Society positions.

Related articles

Encryption and Law Enforcement Can Work Together
Encryption and Law Enforcement Can Work Together
Encryption26 October 2017

Encryption and Law Enforcement Can Work Together

The Internet Society and Chatham House will be hosting a roundtable of experts to deconstruct the debate on encryption and...

Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report
Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report
Encryption24 April 2018

Deconstructing the Encryption Debate: The Internet Society-Chatham House Roundtable on Encryption and Lawful Access Report

Encryption is an important technical building block for Internet trust. It secures our infrastructure, enables e-commerce, ensures the confidentiality of...

Strong Encryption Is Essential to Our Security, Not a Barrier
Strong Encryption Is Essential to Our Security, Not a Barrier
Encryption13 October 2017

Strong Encryption Is Essential to Our Security, Not a Barrier

Encryption technologies help protect user data from theft and they help secure critical infrastructure and services that societies depend on....

Join the conversation with Internet Society members around the world