In the movie Groundhog Day, Bill Murray’s character is stuck in an endless loop, reliving the same day over and over again. It’s not until he actually does something different that he breaks the loop.
That’s where we are in the encryption debate. On one side the encryption advocates talk about the critical role it plays in data privacy and security: safeguarding online communications, enabling free speech, and protecting financial transactions, among other things. On the other side, governments and law enforcement want a way to access encrypted communication to protect the public, prevent the spread of child sexual abuse materials, and stop terrorist attacks and other crimes.
Both sides have tweaked the messaging over the years but for decades it’s been the same endless loop. Law enforcement needs to break down the challenges and come to the table with an open mind. Encryption advocates need to recognize the challenges that law enforcement face and also have an open mind for these discussions. Maybe if both groups work together, break the bigger challenges into smaller ones, they can create solutions and break the loop.
The report released today from the Center for Cybersecurity Policy & Law, Reframing the Conversation: A Deep Dive into the Encryption Debate looks at the history of the conversation around encryption, and how we might reframe it to break out of this loop. Governments and law enforcement must take a practical, incremental approach to policies and legislation that affect law enforcement and online security, rather than mandating ubiquitous surveillance that can circumvent encryption. And encryption advocates must find ways to partner on our shared goal to prevent, investigate, and prosecute these crimes.
The report:
- Examines the historic discussion and arguments around encryption policy;
- Reviews recurring themes among proposals in the context of current policies and legislation;
- Establishes how the modern encryption debate should proceed; and
- Addresses the potential challenges should the discourse remain unaltered.
Read Next
FedRAMP Finalizes Emerging Technology Prioritization Framework
The GSA FedRAMP PMO released the final version of its Emerging Technology Prioritization Framework that seeks to expedite FedRAMP authorizations for select cloud offerings with emerging technology features, such as generative AI.
PQC: Lead the Way or Fall Behind
NIST has selected the Post-Quantum Cryptography algorithms and now is the time for organizations to decide to lead or get left behind. Establishing a foundation of trust and protecting information and infrastructure with these standards is crucial.
Risks Associated with IT Monoculture Needs Further Examination
IT concentration risk is a relatively new term but due to recent cyberattacks it has been front and center. To examine the issue the Center conducted an exercise to look at the threats of IT concentration risk and offer recommendations.
