Executive Summary

Encryption plays a critical role in data privacy and security by safeguarding online communications, enabling free speech, and protecting financial transactions, among other things. The Center for Cybersecurity Policy & Law, along with the vast majority of the cybersecurity community, believes weakening encryption would jeopardize the security, privacy, civil liberties, and vital social interests of every organization and individual.

While encryption protects individuals against crimes, like identity theft or unlawful surveillance, law enforcement and national security agencies argue that encryption makes it more challenging, or impossible, for law enforcement to investigate crimes and threats to public safety. Some argue, in the digital age, investigation necessarily requires digital evidence, including intercepted and decrypted communications related to public safety, terrorism, and child sex abuse materials (CSAM).

Opponents of encryption have framed this as a debate with two opposing sides, when we are actually united by a common cause against the same adversaries. Encryption protects everyone, including children and other vulnerable populations. Technology companies, including social media sites and messaging applications, do not want to be conduits to criminal activities or have illicit materials on their platforms.

The authors of this paper believe that it is time to rethink the conversation. As such, government and law enforcement must take a practical, incremental approach to policies and legislation that affect law enforcement and online security, rather than mandating ubiquitous surveillance that can circumvent encryption.

This paper will:

  • Examine the historic discussion and arguments around encryption policy.
  • Review recurring themes among proposals in the context of current policies and legislation.
  • Establish how the modern encryption debate should proceed.
  • Address the potential challenges should the discourse remain unaltered.

To download the paper in Japanese click here.

To download the paper in Korean click here.

To download the paper in Spanish click here.

To download the paper in Turkish click here.

Heather West, Zack Martin & Ivy Orecchio

Download the report here.

Read Next

Papers & Reports
Government

Examining Critical Infrastructure Cybersecurity and Resilience: A CCPL Tabletop Exercise After Action Report

The Center conducted a tabletop exercise exploring the ability of government and private sector to address disruption from a nation state with sophisticated cyber capabilities may cause to critical infrastructure if given extensive freedom of action.

Blog Post
Government

European Commission 2028-2034 Budget Proposal Includes Substantial Increase for Cyber, Digital Programmes

The European Commission presented its initial proposal for the European Union’s 2028-2034 financial framework that, if approved, could authorise nearly EUR 2 trillion in spending over seven years for cyber and other digital efforts.

Blog Post
Government

Congress’ Proposed Chip Security Act Threatens to Create New Cyber Vulnerabilities in U.S. Semiconductors

As the U.S. races toward global AI dominance, a new bill aimed at preventing diversion of innovative U.S. semiconductors to China could inadvertently make those very same chips less secure.