PerspectiveHow Long Will Unbreakable Commercial Encryption Last?

Published 20 September 2019

Most people who follow the debate over unbreakable, end-to-end encryption think that it’s more or less over, and that unbreakable commercial encryption is here to stay. But. this complacent view is almost certainly wrong. Enthusiasm for controlling encryption is growing among governments all around the world and by no means only in authoritarian regimes. Even Western democracies — not only authoritarian regimes — are giving their security agencies authorities that nibble away at the inviolability of commercial encryption. “While the debate over encryption has stalled in the United States, it’s been growing fiercer abroad as other nations edge closer to direct regulation of commercial encryption,” Stewart Baker writes.

Most people who follow the debate over unbreakable, end-to-end encryption think that it’s more or less over. Silicon Valley has been committed to offering such encryption since at least the Snowden revelations; the FBI has abandoned its legal campaign against Apple’s device encryption; and prominent national security figures, especially those tied to the National Security Agency, have sided with industry and against the Justice Department. Attorney General William Barr is still giving speeches claiming that law enforcement is “going dark”—but in this partisan age many Americans will not take his views at face value. And Congress is unwilling to go to bat for an FBI that is increasingly viewed with skepticism on the right as well as the left.

Stewart Baker writes in Lawfare that in fact, this complacent view is almost certainly wrong. Enthusiasm for controlling encryption is growing among governments all around the world and by no means only in authoritarian regimes. Even Western democracies are giving their security agencies authorities that nibble away at the inviolability of commercial encryption. Equally importantly, unbreakable user security will increasingly conflict with the commercial and political interests of the big Silicon Valley companies that currently offer encryption as a mass market feature—especially as technology companies take a more aggressive role in content moderation.

“While the debate over encryption has stalled in the United States, it’s been growing fiercer abroad as other nations edge closer to direct regulation of commercial encryption,” Baker writes.