On October 21-22, 2025, the Steering Committee of the Global Encryption Coalition was proud to host the third edition of the Global Encryption Day Annual Summit. This year’s summit, A Shield in Uncertain Times: The Role of Encryption, brought together a powerful mix of researchers, technical experts, former law enforcement and intelligence officials, and digital rights advocates to highlight the ways encryption protects us, and explore how we can keep encryption safe.
This year’s sessions evaluated the data behind government encryption policies, examined the cross-border costs of weakening encryption, celebrated a decade of web security with Let’s Encrypt, and reframed the privacy-versus-security debate by featuring former security officials who champion strong encryption. We were inspired by the powerful insights and clear calls to action from our speakers. Dive into some of the key quotes from the Global Encryption Day Summit below!
Evaluating Government Interventions in Encryption
The Department of Science, Technology, Engineering and Public Policy (STEaPP) at UCL presented findings from its research on “Evaluating Government Interventions in Encryption.” Drawing on robust evidence, the study examines how policies worldwide impact the security, privacy, and resilience of digital communications. Panelists discussed key insights and recommendations, highlighting how data-driven evaluation can guide balanced approaches to encryption policy.
“Several interviewees described a phenomenon where extensive, indiscriminate data acquisition obstructed investigations because it became so much harder for law enforcement to find the needle in the haystack.” Laura Gil Pereira Saraiva, UCL Master of Public Administration – MPA, Digital Technologies and Public Policy
The Cross-border Cost of Weakening Encryption
Taking aim at legislative threats like Canada’s Strong Borders Act (Bill C-2) and the EU’s “Chat Control,” this panel explored the dangerous ripple effects of weakening digital security. Speakers from Canada, Europe, and Africa rejected the old “privacy vs. safety” trade-off, arguing that the real debate is “security versus security.” The consensus was clear: civil society must keep up the pressure, constantly reminding policymakers that strong encryption is the foundation of both our economy and our national security.
“We need to keep working together to ensure that policymakers understand the role that encryption technologies play in their societies, in their economies, in their national security and the ways in which they are dependent upon this technology.”
Sally Wentworth, President and CEO, Internet Society
“We don’t need to choose between privacy and security. We want to have both because we want a secure digital environment. We have to communicate the importance of encryption for all.”
Ana Bárbara Gomes, Director, Institute for Research on Internet and Society
“It has been hard over the years to communicate to the public what encryption does and I think it’s our job in civil society and through coalitions like this one to keep doing that over and over again whenever the latest attacks on encryption come.”
Tamir Israel, Director, Privacy, Surveillance & Technology Program, Canadian Civil Liberties Association
“Encryption is a way to ensure that the Internet will be safe, inclusive for journalists, inclusive for policy, and everyone else that is working on sensitive topics. It’s important to national security. It’s important to national sovereignty and many other topics.”
Ana Bárbara Gomes, Director, Institute for Research on Internet and Society
“A more appropriate framing of the debate would be security versus security. Encryption not only protects privacy, but it also protects security, which means that if you want to achieve security by weakening encryption, you’re actually decreasing security, and this needs to be taken into account.”
Marcel Kolaja, Policy & Advocacy Director for Europe, Access Now
Celebrating 10 Years of Let’s Encrypt
For a decade, Let’s Encrypt has been at the forefront of creating a safer and more privacy-respecting web. A nonprofit Certificate Authority (CA) and a service provided by the Internet Security Research Group (ISRG), Let’s Encrypt has issued over 500 million TLS certificates, enabling websites across the globe to adopt HTTPS and strengthen their security infrastructure. Through automation, accessibility, and openness, Let’s Encrypt has made immense contributions to the online experience of millions of people, through putting web security front and center and making it available to everyone free of charge.
To celebrate Let’s Encrypt’s 10th anniversary, we brought together key experts to discuss the role TLS certificates play in keeping the internet safe.
“Today, we issue about eight to 10 million certificates per day. Maybe one of the most interesting recent milestones is that in February of 2025, we issued our first six-day certificate. So that’s the first time we’ve ever issued a certificate that wasn’t a 90-day certificate within a 90-day lifetime. In terms of challenges, early on for sure the biggest challenge was how to get trusted by the browsers. We needed another certificate authority to issue a certificate that vouches for our own certificates. Otherwise, it would take us somewhere we thought between seven and 10 years to be trusted and we didn’t have time and money to wait that out. Getting a cross sign from another CA was one of the biggest early challenges. ” Josh Aas, Executive Director and Co-Founder, Internet Security Research Group (ISRG)
“The other big challenge was getting the funding for Let’s Encrypt. It was really hard to explain to people why this should happen and why it was so important. We were lucky to be able to have partners at Okami and Cisco who understood what we’re trying to do and understood why this is good for the internet even if it wasn’t actually going to help their bottom line in any meaningful way. Once you have something going you can get more people interested but to get to the point, we had the initial investment from Mozilla, Cisco and Akamai. The funding and the cross sign is what made this possible.”
Eric Rescorla, Senior Fellow, The Knight-Georgetown Institute
“Encryption means that users can have confidence in the content that they’re interacting with. So you know for us it would be in Firefox they can trust the websites that they’re visiting and the content that on that website that hasn’t been intercepted or modified and that other parties outside of that cannot read the transfer data. So that has guided our product strategy over the years. The Firefox privacy and security team has done a lot of work to implement upgrade mechanisms so that more HTTPS connections can happen. Most recently we shipped HTTPS first which allows us to first try and automatically upgrade the connections to the HTTPS protocol.”
Vicky Chin, VP of Engineering, Firefox
“I think that it’s also important for us to understand that encryption algorithms are different from the deployment of encryption in practice. There is a process called formal verification, where you can actually verify whether the design of the product can or cannot be broken. And the idea behind formal verification is: Does a thing work exactly the way that it claims to work. I think it’s important to recognize that in an ideal world if an encryption algorithm is widely deployed an AI shouldn’t be able to find vulnerabilities in the algorithm. It is a different case however of how these systems are deployed in practice. We have to be quite careful about this because the Signal protocol itself has been formally verified, which is why its properties of end-to-end encryption will always work, AI or not AI. But the way it’s being implemented is also necessarily resilient to that.”
Udbhav Tiwari, Signal Foundation
Spies, Cops, and Cyber-Cops Defending Encryption
Reframing the debate, former law enforcement and intelligence officials argued that encryption is not an obstacle to security, but rather it is security. The speakers described a “self-help world” where encryption acts as the primary defense against hostile nation-states for individuals and companies alike. They highlighted the irony that governments rely on these same tools to protect national secrets, warning that weakening them would leave society exposed to existential cyber threats.
“The cyber security posture of the United States and its allies is terrible. All of society is at risk from an existential cyber threat. Governments around the world have failed to protect their citizens and their private enterprises from, in particular, nation state actors who are intent on hacking our systems and causing disruption and stealing our data. We’re essentially in a self-help world where individuals and companies have to try to figure out how to fend off the military and intelligence resources of hostile foreign states. It’s crazy. But encryption is one tool that exists for companies and individuals to do that to protect themselves from hostile foreign powers.”
James A. Baker, Former General Counsel of the U.S. Federal Bureau of Investigation (FBI)
“Whether [data] is in transit or at rest, you have to assume now that everything will be compromised. You just have to take a zero-trust approach, and consequently, it has to be encrypted in order for that sensitive information to be protected. The paradoxical part of it is that the government, as much as anybody else, relies on encryption to protect its national security secrets.”
Prof. Alan Woodward, University of Surrey
Encryption and National Security: A Fireside Chat with India’s Azad Yashovardhan
In a candid conversation, Azad Yashovardhan, former Special Director of India’s Intelligence Bureau, cut through the usual rhetoric to frame encryption as a matter of national survival. He questioned the logic of backdoors, asking whether compromising the security architecture of millions is ever worth the risk.
“If we cannot have a backdoor without completely breaking our security architecture, should we do it when it is affecting millions of people? Because that itself constitutes a bigger national security threat.”
Azad Yashovardhan, Former Indian Police Service officer and Special Director of India’s Intelligence Bureau