The United States Department of Justice has issued a critical statement on end-to-end encryption saying that the technology “poses significant challenges to public safety.” The statement, published on October 11th, referred specifically to “highly vulnerable members of our societies like sexually exploited children.”
However, the statement was not against encryption as a whole: “[strong encryption] plays a crucial role in protecting personal data, privacy, intellectual property, trade secrets and Cybersecurity ,” the statement. Said.
“It also serves a vital purpose in repressive states to protect journalists, human rights defenders and other vulnerable people, as stated in the 2017 resolution of the UN Human Rights Council.”
“We Challenge the Assertion That Public Safety Cannot Be Protected without Compromising Privacy or Cyber Security.”
Still, the statement called on technology companies to work with the government to create encrypted data solutions that prevent online platforms from being used for criminal purposes.
“Technology companies also have responsibilities and put in place terms of service for their users that provide them authority to act to protect the public,” the statement said.
“[...] While encryption is vital and privacy and cyber security must be protected, that should not come at the expense of wholly precluding law enforcement, and the tech industry itself, from being able to act against the most serious illegal content and activity online.
“[...] We challenge the assertion that public safety cannot be protected without compromising privacy or cyber security.”
”Current Tools Used to Detect CSAM [Child Sexual Abuse Material] Do Not Work in End-to-End Encrypted Environments.”
And indeed, online messaging platforms play a significant role in crimes that exploit children. The DoJ’s statement cited UNICEF’s 2019 Global Threat Assessment, which found that “publicly-accessible social media and communications platforms remain the most common methods for meeting and grooming children online.”
For example, Facebook Messenger, which is not encrypted by default, “was responsible for nearly 12 million of the 18.4 million worldwide reports of CSAM [child sexual abuse material to the US National Center for Missing and Exploited Children (NCMEC)]” in 2018.
“These reports risk disappearing if end-to-end encryption is implemented by default since current tools used to detect CSAM [child sexual abuse material] do not work in end-to-end encrypted environments,” UNICEF’s report said.
The DoJ’s report is the latest development in what seems to be a growing movement toward cracking down on encryption in the United States.
CoinTelegraph reported that in June, three republican senators in the US proposed 'The Lawful Access to Encrypted Data Act', a bill that would require device manufacturers and service providers to assist law enforcement by providing access to encrypted data.
The EARN IT Act, another proposed bill, would require digital messages to be scanned by government-approved software as a measure against criminal activity.
While all of these initiatives have been described as efforts to end child sex trafficking and other criminal activity, there is serious concern that these initiatives could be used for other kinds of surveillance that would impinge on personal freedom.
However, the DoJ claimed that it would “hold data protection, respect for privacy and the importance of encryption as technology changes and global Internet standards are developed” at “the forefront of each state’s legal framework.”
The statement followed shortly after the Department of Justice published a set of guidelines on how to enforce laws in the cryptocurrency industry.