The views expressed by contributors are their own and not the view of The Hill

Encryption vital to protecting our data in the modern age

by Sunday Yokubaitis, opinion contributor - 04/01/18 11:00 AM ET

As some law enforcement officials would like to have you believe, choosing to digitally arm yourself for defensive purposes does not make you a criminal. For many years now, arguments have been made over the extent an individual should be able to, however no serious case to eliminate this ability had been made — until now.

At a recent speech, CIA Director Mike Pompeo touched on the traditional national security topics, but then he ventured into the surreal. The CIA director offered, “Cyber is another vector — it’s not a threat of its own, but it is a means by which many non-nation-state actors can inflict incredible costs on the United States of America.” The alarming part is when he attaches the proliferation of end-to-end encryption as part of the challenges his agency faces when tracking these non-nation state terrorists.

{mosads}To be clear, the head of America’s intelligence agency is saying that encryption is part of the problem for law enforcement in fighting the bad guys. Though this shouldn’t be a shock, as Congressman Pompeo once wrote, “The use of strong encryption in personal communications may itself be a red flag.”

For anyone wondering why an individual would consider using encryption in their daily lives, let me illustrate what this means. In today’s connected world, the reason you read so many stories about cyber-crimes committed by two-bit hackers is because they are trying to steal your credit card number, or enough personal information to commit identity theft. They are afforded this ability because of your lack of encryption. In Free states, encryption is used to protect people from cyber criminals. In the more oppressive countries, encryption is used as a tool to break through firewalls to gain access to an uncensored free and open internet. In many cases, it is the users’ only interaction with the outside world that hasn’t been sanctioned by their government.

Criminalizing encryption is the elimination of our right to self-protect from privacy thieves. The hard truth is encryption exists to protect our right to free speech online here and abroad.

The CIA is far from being a lone voice in the woods, as Deputy U.S. Attorney General Rod Rosenstein is a long-time encryption critic. He’s used every criminal event of national interest as a platform to attack personal digital security as part of a tech conspiracy to thwart law enforcement’s effort to tackle crime. While personal encryption is effective against hackers, governments by and large are getting every byte of your data they want.

Perhaps the deputy attorney general’s most naïve position has been to demand tech companies create strong consumer encryption, but also offer law enforcement backdoor access to your device’s data. This is coming from the same government that maintains a monstrous data center farm in Utah to collect and maintain every bit and byte of digital communications generated globally. The NSA is charged with overseeing the $1.2 billion facility, and promises to only use it for terrorist connected cases. However, as we’ve noted in the past, perhaps the greatest leakers of secure and private information is the very intelligence community that is charged with shielding us from those evildoers. Aside from the ridiculous expectation of an encryption-lite option, a Stanford University cryptographer made it abundantly clear in a recently released paper, and assures us that this type of “securely accessible” encryption does not exist.

Due to the mounting law enforcement worldview of effective encryption as a platform used primarily by criminals, and the general decline of privacy, the ability to maintain some shred of confidentiality is now accompanied with stigma, as well as a price tag that is growing out of reach to the average consumer. Sadly, the United States has been moving toward becoming a country that enjoys cheap luxuries, but expensive necessities. Privacy is no longer a right in the digital realm, but a commodity to be bartered without the creator’s consent.

This exposure has lead everyday consumers to seriously consider options that help shield their data. One pragmatic piece to the privacy solution would be to minimize the chances of such data theft concerns by allowing competition to reign in the ISP markets once again in the form of “open access,” which would restrict network infrastructure providers to operating within prescribed limits. Removing the government protected oligarchy that rules America’s current internet access options would allow consumers to choose providers that consider privacy a priority to their customers, rather than a self-entitled byproduct.

Privacy and access to effective encryption should be a fundamental right. The overtures by the government have forced consumers to consider privacy enabling applications — but it shouldn’t be that way. The right to self-protect should not come with an over-burdensome price tag, and certainly not with an assumption of guilt. There is a strong and proven legislative path forward in allowing consumers to protect ourselves, and it begins with open access.

Sunday Yokubaitis is president of Golden Frog, a global online Virtual Privacy Network (VPN) services provider through VyprVPN that ensures consumer privacy and security online.