Choosing between “going dark” and “a golden age for surveillance”
This post argues that the big picture for agency access to data is mostly “golden.” The loss of agency access to information, due to encryption, is more than offset by surveillance gains from computing and communications technology. In addition, government encryption regulation harms cybersecurity. These conclusions will not be easily accepted by investigatory agencies, however, so it is important to work through the analysis in more detail.
Communications that were previously subject to wiretap may now be shrouded in encryption. In place of the old monopoly telephone network, agencies have to contend with a confusing variety of communications providers, some of which have little experience in complying with legal process. It is no wonder agency officials strenuously object to the use of new technology that hinders their ability to employ traditional surveillance methods.
Implementing wiretaps and reading the plaintext of communications are not the only goal, however. The computing and communications infrastructure are vital to economic growth, individual creativity, government operations, and numerous other goals. If there is a modest harm to investigatory agencies and an enormous gain, societies should choose the enormous gain. In 1999 the U.S. government concluded that strong encryption was precisely that sort of valuable technology – it was worth going at least slightly “dark” in order reap the many benefits of effective encryption. Not even the attacks of September 11, 2001 changed that judgment.
The evidence suggests, furthermore, that the degradation of wiretap capability has been modest at most, and—at least statistically—wiretaps have become more useful over time. The number of wiretap orders implemented in the U.S. has grown steadily the last two decades. According to publcally available statistics, court approved wiretaps are now at a record high: 3,194 wiretap court orders were issued for the interception of electronic, wire, or oral communications in 2010, a 34% increase from the 2,376 issued in 2009. In the six instances where encryption was encountered, it did not prevent law enforcement from retrieving the plaintext forms of communication.