Whether you live in the United States, Europe or elsewhere, there's a good chance your online privacy and security are at stake.
You could reasonably argue no one ever truly had 'privacy' or complete 'security' when using online services. Whether or not that's true doesn’t change the fact that everyone should have a right to a basic principle of privacy when using the internet.
That’s exactly why it’s inspiring - and exciting - to see the European Parliament’s Committee on Civil Liberties, Justice and Home Affairs looking out for the interests of European citizens in recent proposals. The draft proposals call for some rather necessary improvements to the way modern data and digital communications are handled.
First, the proposals call for end-to-end encryption on all digital communications, which would effectively protect sensitive and personal data. In addition, the proposal expressly forbids government prying, eliminating the use of backdoors that would allow law enforcement to access private messaging and digital data easily.
Why Is This Happening?
Naturally, the proposed amendment is meant to complement Article 7 of the European Charter of Fundamental Rights. That amendment states all European citizens have a right to personal privacy, as well as privacy in their home and family lives. The European Committee feels the 'confidentiality and safety' of all its citizens should mean their 'electronic communications' are 'guaranteed' to be protected in the same way.
This is because private messaging and digital data can contain any number of sensitive details and identifiers about someone including but not limited to:
- Media conditions
- Personal experiences
- Medical conditions
- Sexual preferences
- Political views
If this information falls into the wrong hands and is used negatively, it could cause serious personal, social and economic harm or severe embarrassment.
Metadata and Data Encryption
More interesting is the clarification that any and all metadata associated with these digital communications should also be protected. Metadata, if you don’t already know, accompanies digital communications and includes basic information about the respondents and contributors.
It can be used to discern phone numbers, geographic locations, web and app history, call details such as time or duration, and much more. With the appropriate amount of metadata, anyone could learn a great deal of information about its source.
How Does Encryption Work?
Encryption is essentially like protecting digital data behind a lock and key. Encrypted data is scrambled or protected using an encryption key. Some encryption methods work by using asymmetric key encryption combined with periodic key rotation, making the encrypted data all the harder to hack.
The data cannot be converted to a readable form without the appropriate key on both ends of a digital communication. Even if someone received encrypted data, they could not access or open it without the appropriate key.
This protects data from unscrupulous individuals looking to use it for harm. In fact, that’s one reason why there are so many high-profile hacks. Companies don’t bother using encryption or deploy it improperly - which can be costly for large data stores.
But the backdoors mentioned are unique access points or vulnerabilities government and law enforcement agencies can use to look at encrypted data. So even though it’s technically protected, it’s really not.
Big Brother Is Watching?
If the government can peer at this data, that’s a breach of privacy in its own right, but it’s not the only problem with this form of sweeping 'security' as government officials would have you believe. For starters, having access to a backdoor is like Pandora’s Box.
There’s no guarantee everyone who can access encrypted data freely will use it for good. Furthermore, there’s no guarantee the government will be able to protect access to these backdoors from everyone, meaning hackers could effectively use them to wreak just as much, if not more, havoc.
Therein lies the issue with backdoors. Not only are they a breach of basic privacy and rights, but they also pose a significant security risk for everyone, not just your average citizen.
Leaving a key under your doormat for quick access may be convenient in some cases, but it’s most definitely not safe. The same is true of encryption backdoors that government and law enforcement agencies can access. The EU is not wrong in demanding these backdoors be banned for good.