Sunday, 6 March 2016

Changing The Encryption Debate Landscape

I read an interesting paper entitled "DEcryption Contract ENforcement Tool (DECENT): A Practical Alternative to Government Decryption Backdoors" this weekend. It is still to be peer reviewed but in essence it proposes a scheme whereby the encryption employed is not weakened but rather if a pre-agreed set of criteria are met then those using the encryption agree that another trusted party can decrypt the data, even if they were not the originally intended recipient.

The practicalities of the specific scheme proposed are still open for refinement, but let us for a moment assume you could achieve a situation where:
  1. Everyone was allowed to use the strongest possible encryption available
  2. It is possible to define a set of criteria that would define a situation considered extreme enough for, say, a law enforcement agency to need to decrypt the data
  3. It was possible to enable the decryption once the criteria were met, without weakening the encryption or allowing the process to be abused by introducing a criterion that was not previously agreed

It raises a very interesting question - are there any circumstances under which society would be happy for their data to potentially be decrypted?

Many argue that privacy is an absolute right. The UN's Universal Declaration of Human Rights is often cited in support of this argument. However, what Article 12 of the UDHR actually says is:

No one shall be subjected to arbitrary interference with his privacy, family, home or correspondence, nor to attacks upon his honour and reputation. Everyone has the right to the protection of the law against such interference or attacks.

The word "arbitrary" is all-important in Article 12. It would appear that if a set of publicly agreed criteria for accessing someone's data was available, then it might be consistent with this human right.

I don't underestimate the difficulties in achieving a situation where a scheme such as that proposed in this paper was truly secure. Neither do I underestimate the difficulty in agreeing on a set of criteria with which the majority would be content - I quite deliberately say the majority because I suspect the only way for this to occur meaningfully would be through the democratic process, which always results in a vocal minority who never accept the majority view.

I think this would be a very useful debate to have. Why? Because I suspect the whole encryption debate has become a proxy for the fact that some have lost faith in the politicians and the political process, even where democracy is in effect. It would be very instructive to ask the more extreme privacy campaigners if there were any circumstances in which they believe law enforcement agencies should be allowed to access personal data.

Personally, I believe in Article 12 of the UDHR. However, I also believe that there are circumstances in which law enforcement agencies must be allowed to access "private" data. Hitherto the technological landscape has always meant that this was an all-or-nothing choice. Perhaps if we apply our combined brainpower to coming up with a solution such as is proposed in this paper we might be able to avoid that binary decision. But, if it is possible, I wonder what proportion of those in the debate would be satisfied?