After months of threats from the Department of Justice and the FBI, and some end runs on encryption (e.g., the EARN IT Act), Senators Lindsey Graham (R-SC), Tom Cotton (R-AR) and Marsha Blackburn (R-TN) have introduced the most sweeping attack on encryption in more than a generation. The Lawful Access to Encrypted Data (LAED) Act, S.4051, essentially forces companies to build backdoors to allow access to encrypted data even in contexts in which a warrant based on a finding of probable cause is not required.
This is another in a long line of attempts by governments and law enforcement to undermine use of end-to-end encryption, in which only the sender and receiver (not even the company providing the service) can access the communications. While trying to prevent crime is an important goal, breaking encryption is not the answer. The same backdoor placed in a system for use by law enforcement could be exploited by criminals, putting everyone on that service at greater risk of harm.
When it comes to digital security, the stakes are higher than ever. Individuals are increasingly reliant on Internet-based communications to conduct their daily lives, and traditional messaging apps can now be used for banking transactions, telehealth, and online purchases, in addition to connecting with friends and family. Forcing U.S. companies to build a backdoor (aka, a vulnerability) into their products and services risks the safety of hundreds of millions of Americans. It also has a ripple effect on the billions of users of these services around the world who will face the choice to also be put at risk or move to another, less risky platform.
That’s why the Global Encryption Coalition Steering Committee, along with more than 75 other civil society and industry organizations and individual cybersecurity experts, have signed on to an open letter strongly opposing the LAED Act. When it comes to personal security online, no one can afford to pay the consequences of allowing this frontal attack on encryption to succeed.
The statement can be attributed to:
- Greg Nojeim, Director of the Freedom, Security and Technology Project at the Center for Democracy & Technology
- Charles Bradley, Executive Director at Global Partners Digital
- Jeff Wilbur, Senior Director of Online Trust at the Internet Society