On Monday, the US Department of Justice signed on to a new international statement warning of the dangers of encryption and calling for an industry-wide effort to enable law enforcement agencies to access encrypted data once a warrant has been obtained. The US was joined in the effort by officials representing the UK, Australia, New Zealand, Canada, India, and Japan.
The statement begins by acknowledging the value of encryption in protecting free expression across the world, citing a 2017 report from the UN Human Rights Commission. But the statement quickly pivots to the ostensible problems posed by the technology.
encryption under threat
“Particular implementations of encryption technology, however, pose significant challenges to public safety,” the statement reads. “We urge the industry to address our serious concerns where encryption is applied in a way that wholly precludes any legal access to content.”
The Justice Department has a long history of anti-encryption advocacy. In 2018, five of the seven participating countries expressed similar misgivings in an open memo to tech companies, although the memo resulted in little to no progress on the issue from the industry. At each turn, tech companies have insisted that any backdoor built for law enforcement would inevitably be targeted by criminals, and ultimately leave users less safe.
Crucially, the seven countries would not only seek to acces encrypted data in transit — such as the end-to-end encryption used by WhatsApp — but also locally stored data like the contents of a phone. That local encryption was at the center of the 2016 San Bernardino encryption fight, which saw the FBI taking Apple to court in an effort to access the contents of a phone linked to a workplace shooting.
“While this statement focuses on the challenges posed by end-to-end encryption, that commitment applies across the range of encrypted services available, including device encryption, custom encrypted applications and encryption across integrated platforms,” the document continues. “We challenge the assertion that public safety cannot be protected without compromising privacy or cybersecurity.”