Encryption 2 June 2020

Fact Sheet: Intermediaries and Encryption

Pressuring intermediaries to weaken security is not the answer to prevent harmful content online

The Internet is a powerful tool that connects people around the world, informs them, and helps them do business. It offers virtually unlimited potential for people to innovate, improve quality of life, celebrate and learn from diversity, and tackle the world’s most complex challenges. Unfortunately, it is also sometimes used by malicious actors to enable crime and spread hate speech online. In rare but extreme cases, it has been used to broadcast or incite actions that have led to physical harm.

Some governments have suggested that such bad behaviour can be prevented by making Internet intermediaries liable for what their users publish or share online.[1] Certain governments have already indicated that intermediaries, such as social media platforms and end-to-end encrypted messaging services, could be held liable[2] if they are not able to “trace” (i.e. identify the originator of) content shared via their platforms. Such proposals are unlikely to achieve their stated goals, and will weaken the security tools we rely on daily to protect people, businesses, economies and nations from harm.

Practical risks and challenges

Breaking encryption breaks trust & security: As noted above, some governments want “traceability”, even for end-to-end encrypted messages between parties who wish to communicate confidentially. Governments want to be able to tell that a specific message is offensive or illegal, and that it originated from a specific user. To do this, intermediaries would need access to one or more of the following:

  • The unencrypted message, on the sender’s device.
  • The decrypted message, on the recipient’s device.
  • The encrypted message, and the means to decrypt it.

This would mean they are either bypassing or overriding the encryption of the message, and therefore its confidentiality.

Impact: Traceability breaks the principle of confidential communication, and undermines user trust in platforms and service providers that use these methods to access content. Ultimately, if encryption is flawed by design, users can no longer trust the confidentiality or integrity of their online communications. This breaks fundamental functions we rely on daily to secure devices, data, and transactions, and thus to keep people, economies, infrastructure and workplaces safe.

It is not helpful to legislate for the impossible: Some governments are trying to make their dangerous proposals appear uncontroversial by stating only the desired outcome, rather than the measures they want taken. For instance, they require intermediaries to guarantee the safety of children online, but do not state how they expect this to be achieved.

However, by framing the issue as one of information being “inaccessible to law enforcement”, they are implying that the problem is encryption, and the solution is to bypass or override it. At least one current proposal claims that such a solution can be deployed without undermining the security or trust of legitimate services and users. The Internet Society believes this is simply not the case, which is why in May 2019, it was one of almost 50 signatories to an open letter setting out the risks and shortcomings of such an approach.[3] 

Impact: However well-intentioned it is, any law that results in weakened security mechanisms increases the opportunity for malicious activity, and puts legitimate users and services at risk.

Regardless of how the goal is framed and phrased in the law, the response of the technical community has been clear and consistent: you cannot design an encryption bypass or override that “only the good guys can use”.[4] This is not dogmatic thinking on the part of the technical experts: it is based on the fundamental, mathematical reasons that make good encryption systems good. You cannot have a reliable encryption system that is simultaneously strong against some attackers but weak against others. You cannot have a robust encryption system that is robust except when you want it to be weak.

Mandating user authentication adds cost and complexity: To help identify the originators of illegal content, some countries are tempted to insist that users must authenticate in order to access any online service.[5] This may sound simple, but reliable authentication is hard to achieve even when it is in the user’s interest (for instance, for ATM cash withdrawals). When the user has an incentive to avoid identification, it is even harder. Approaches that rely on users authenticating with official identity documents (driver’s licence, passport, government eID) are complex and costly, and depend for their reliability on a host of technical and non-technical factors including reliable issuance, tamper resistance, identity and access management, and so on. In most cases, adding biometrics worsens this complexity.

What’s more, other ‘exceptional access’ proposals are based on undermining the very authentication protocols on which reliable encryption depends[6]: if you cannot be sure that only the intended recipient can access the keys to decrypt your message, you cannot be sure of its confidentiality.

Impact: Proposals based on compulsory authentication increase cost and inconvenience without necessarily achieving the stated goal. Policy proposals in this area appear to have conflicting and incompatible demands: for reliable authentication in one case, but for reliable protocols to be undermined in another.

Intermediary liability undermines trust & security without achieving its goal

Preventing the spread of illegal content online is an important goal, and we should all strive to find solutions. However, illegal content – and the behaviour that produces it – existed long before the Internet and, at its root, is a societal problem rather than a primarily technical one. An exclusive focus on solving it by breaking encryption weakens security; it diverts effort from other options, such as improving the overall capabilities of law enforcement organisations to deal with technically-mediated crime[7] – whether or not encryption is involved. Furthermore, relying solely on technological fixes to societal problems is seldom effective in the long run. 

  • Preventing confidential messaging apps from delivering confidentiality renders them pointless at best, and actively harmful at worst. The Internet is not made safer or more beneficial by such measures.
  • Contradictory policies on authentication create further confusion and technical complexity, undermining users’ trust in online services and confidential communication.

While the Internet may sometimes be used for harm, we should resist legal proposals that require service providers to override people’s ability to secure their information and interactions online. To do so places individuals and organisations at greater risk with no guarantee of achieving the intended outcome. We encourage policymakers to support strong encryption policies and practices: this will help keep people, infrastructure and countries safe online, and maintain the Internet as a global vehicle for innovation, education, and social and economic progress.


Endnotes

[1] Examples include the Amendments to India’s Information Technology (Intermediaries Guidelines) Rules under the Information Technology Act.

[2] The legal basis for liability (or exemption from it) may vary by jurisdiction. For instance, in India, it is covered by Section 79 of the IT Act of 2000: https://cis-india.org/internet-governance/resources/section-79-information-technology-act, while for intermediaries in the United States it comes under Section 230 of the Communications Decency Act 1996: https://en.wikipedia.org/wiki/Section_230_of_the_Communications_Decency_Act

[3] https://regmedia.co.uk/2019/05/30/letter_to_gchq_ghost_user_cryptobusting_plan.pdf

[4] https://mitpress.mit.edu/blog/keys-under-doormats-security-report

[5] https://www.chinalawtranslate.com/en/provisions-on-the-management-of-internet-forum-community-services/

[6] https://www.internetsociety.org/resources/doc/2020/fact-sheet-ghost-proposals/

[7] https://eshoo.house.gov/sites/eshoo.house.gov/files/migrated/wp-content/uploads/2019/10/Eshoo-Wyden-Letter-to-AG-Barr-re-encryption.pdf
