DOJ – International Statement: End-to-End Encryption and Public Safety(justice.gov)
justice.gov
DOJ – International Statement: End-to-End Encryption and Public Safety
https://www.justice.gov/opa/pr/international-statement-end-end-encryption-and-public-safety
23 comments
"We recognize that strong encryption is vital to the functioning of society. That said, we demand access to all encrypted communication because - Just Think of The Children."
Privacy is the best defense of children against groomers, so it is a one-sided perspective to begin with. That people are able to communicate in confidentially in private is a fact governments must come to terms with quickly.
Check out Sam Harris’s podcast “The Worst Epidemic”. It’s hard to listen to, but gives another perspective about this issue. Also it has some ideas about where encryption is perhaps more benign (e.g. WhatsApp) and where its introduction would increase exploitation of children (e.g. Facebook Messenger).
I call bullshit.
The US DoJ might say they want end-to-end encryption, but only so long as it doesn’t interfere in any way, shape, or form of whatever they want to do to people in their prosecutions and persecutions.
The US DoJ might say they want end-to-end encryption, but only so long as it doesn’t interfere in any way, shape, or form of whatever they want to do to people in their prosecutions and persecutions.
It's too bad none of these fascists are elected; we can't simply vote them out of office.
Edit: Use your words; your downvotes just tell me that you support nepotism and corruption in bureaucracies.
Edit: Use your words; your downvotes just tell me that you support nepotism and corruption in bureaucracies.
They’re chosen by elected officials.
By some definition of "elected"
Please, use more words: How do we vote them out of office? How do we recall them or call for votes of no-confidence? You seem to think appointments by elected officials are themselves elections, but there's several hundred years of constitutional democratic history suggesting otherwise.
Once voted in they can pretty much do whatever they like for 2-5 years. All part of the current system of enslavement.
What are the odds that big tech and big brother are in bed creating a huge dog and pony show to counter the post-Snowden “going dark” reality?
Given: The public knows about mass surveillance. Big tech deploys supposedly unbreakable end to end encryption. The public feels more safe and protected from Big Brother yet again.
Theory: Meanwhile, behind the scenes, government and big tech have, in secret, the ability to recover such encrypted comms. The DOJ initiative would then be part of an elaborate psyop to further deceive people into believing that FB “has their back”.
I’m going to guess that third parties have extensively reverse engineered apps such as fb messenger to ensure that it is essentially impossible for the above to be the case, since E2EE occurs at the endpoints.
Can an encryption expert weigh in here?
Edit: this also raises general concerns I have about trusting an App Store to install what is supposed to be installed, and not a backdoor’ed version of an app. Something like: Let the reverse engineers have an unmodified app, while distributing alternate versions to other unsuspecting users.
Given: The public knows about mass surveillance. Big tech deploys supposedly unbreakable end to end encryption. The public feels more safe and protected from Big Brother yet again.
Theory: Meanwhile, behind the scenes, government and big tech have, in secret, the ability to recover such encrypted comms. The DOJ initiative would then be part of an elaborate psyop to further deceive people into believing that FB “has their back”.
I’m going to guess that third parties have extensively reverse engineered apps such as fb messenger to ensure that it is essentially impossible for the above to be the case, since E2EE occurs at the endpoints.
Can an encryption expert weigh in here?
Edit: this also raises general concerns I have about trusting an App Store to install what is supposed to be installed, and not a backdoor’ed version of an app. Something like: Let the reverse engineers have an unmodified app, while distributing alternate versions to other unsuspecting users.
I don't understand it. Their conclusion says "we challenge the assertion that safety cannot be protected without compromise," which the way I read it means something along the lines of "we believe it is possible to protect public safety without compromising privacy." But the rest of the letter seems to imply they want to find a way to in fact compromise that privacy.
They should send patches to Signal and Matrix. We do not know how to implement an encryption-based communication system in the way they request.
Then they should explain explicitly how this can be made to happen. As sibling says, patches welcome.
How do they envision this working and yet protecting communication in oppressive regimes? Facebook can't very well offer the US the ability to pierce the encryption veil then beg innocence to the Kremlin when it wants access.
Of course, decentralized open source solutions in this space will always dominate. The oppressive governments can attack big tech economically. The Kremlin can shut facebook down in Russia if they won't give a back door. Whereas volunteer devs with no expectation of profit are immune to that kind of attack. Even better if there is no defined server to block.
I say this as someone who is not generally super enthusiastic about open source, not decentralized tech, nor is anti- big tech. This just seems like an area where big tech cos cannot compete efficiently.
Maybe they just think that Facebook should not be operating in countries with lots of corruption or oppression? And maybe they have a point. Maybe it is not possible to run an ethical communication business in a place that criminalizes what we value as protected speech.
Anyway, I doubt they will be able to accomplish this goal by asking nicely. They will need to pass a law and then there will need to be a fight about whether the law is constitutional.
Of course, decentralized open source solutions in this space will always dominate. The oppressive governments can attack big tech economically. The Kremlin can shut facebook down in Russia if they won't give a back door. Whereas volunteer devs with no expectation of profit are immune to that kind of attack. Even better if there is no defined server to block.
I say this as someone who is not generally super enthusiastic about open source, not decentralized tech, nor is anti- big tech. This just seems like an area where big tech cos cannot compete efficiently.
Maybe they just think that Facebook should not be operating in countries with lots of corruption or oppression? And maybe they have a point. Maybe it is not possible to run an ethical communication business in a place that criminalizes what we value as protected speech.
Anyway, I doubt they will be able to accomplish this goal by asking nicely. They will need to pass a law and then there will need to be a fight about whether the law is constitutional.
Exactly. This is an impossibility.
A “lawful request” is determined by whatever state has jurisdiction. As they say, encryption is vital to human rights activists in China or democracy supporters in Belarus, however it would be destroyed because these countries can indeed make “lawful requests” for the information.
For thousands of years, humans have been allowed to communicate privately with each other. We should not regress that. Criminals will always exist and we should do our best to identify and bring them to justice, but not at the expense of free society.
A “lawful request” is determined by whatever state has jurisdiction. As they say, encryption is vital to human rights activists in China or democracy supporters in Belarus, however it would be destroyed because these countries can indeed make “lawful requests” for the information.
For thousands of years, humans have been allowed to communicate privately with each other. We should not regress that. Criminals will always exist and we should do our best to identify and bring them to justice, but not at the expense of free society.
as was flagged to death earlier this week: DOJ is 100% capable of embedding humans deep within criminal enterprises that pose genuine security risks to the federal government. Combine that with regular old-fashioned things like those novel legal devices called "search warrants", and FBI does just fine at getting inside secure comms without fundamentally lying about the nature of mathematics at the same time.
Maybe we need to advocate for changes to US law such that citizens maintain their expectation of privacy when sending messages through third parties. Then it would be like it used to be when law enforcement needed a warrant to obtain an individual’s communications, which is then served to that individual rather than to a third party communications provider.
Also, it seems like it’s time to remind everyone that only totalitarian governments want to read everyone’s mail all the time to look for crimes. Our bill of rights expressly forbids this. I really don’t understand why the DOJ would write a letter like this that to me, a layman, reads like it is plainly in violation of the 4th amendment.
Also, it seems like it’s time to remind everyone that only totalitarian governments want to read everyone’s mail all the time to look for crimes. Our bill of rights expressly forbids this. I really don’t understand why the DOJ would write a letter like this that to me, a layman, reads like it is plainly in violation of the 4th amendment.
From the Cypherpunks FAQ (1994-09-10) [0]:
--
[0]: http://groups.csail.mit.edu/mac/classes/6.805/articles/crypt...
[1]: https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
[2]: https://en.wikipedia.org/wiki/Crypto_Wars
8.3.4. "How will privacy and anonymity be attacked?"
...
- like so many other "computer hacker" items, as a tool for
the "Four Horsemen": drug-dealers, money-launderers,
terrorists, and pedophiles.
...
See also "Four Horsemen of the Infocalypse" [1], "Crypto Wars" [2].--
[0]: http://groups.csail.mit.edu/mac/classes/6.805/articles/crypt...
[1]: https://en.wikipedia.org/wiki/Four_Horsemen_of_the_Infocalyp...
[2]: https://en.wikipedia.org/wiki/Crypto_Wars
I wonder if there would be a way to make an argument that would appeal to the public just the same: We can't add backdoors to encryption because it would endanger our children!