Opinion

The Ongoing Encryption Debate

Two weeks ago, in an opinion piece for the Christian Science Monitor, Quinn DuPont presented an interesting  perspective on the ongoing debate surrounding encryption. Unfortunately, I think he’s wrong on a number of important points.

Initially, DuPont’s message seems to be that the encryption debate is framed by a false dichotomy between a “mythical state of privacy” and a “dystopian present.” If DuPont had ended the message there, he might have had a good contribution to the debate. Unfortunately, he loses me when he argues that a reframing of this discussion should begin by “rejecting advocacy for pervasive and ubiquitous cryptography,” and arguing that any “solutions should leverage strong democratic controls and collective decision-making.”

But at no time does he ever explicitly define what any of this actually means. Internet governance already occurs in a decentralized manner rife with negotiations between various stakeholders–private actors, states, nonprofits, network engineers, and many more. How do Internet governance mechanisms play into the encryption debate? DuPont doesn’t address that point directly.

Rather, he goes on to argue that “we can choose the technologies we live with, and determine how we want to interact with them through democratic controls.” Again, this focus on “democratic controls” as some sort of panacea is bandied about without any substantive explanation. Is it an advocation for technocracy, whereby some all-enlightened, angelic regulators who have the ability to peer into the future are better positioned to steer the course of human progress? Or does he mean we, as a citizenry, are to hold regular votes on the technologies permitted for social adoption? Don’t we already “choose the technologies we live with?” Aren’t the “democratic controls” used for “collective decision-making” simply market forces?

DuPont’s clearest two points regarding how we can best reframe the encryption debate are statements about what we all need to recognize. The first, that there are sometimes trade-offs between privacy and security. A fair point.

Second, we must dispel with the idea that the Internet can be a “public sphere.” Instead, recognize that it is merely an infrastructure–one where “online rights are an illusion that mask marketing decisions. The Internet’s routers, protocols, fiber optic cables, and platforms are all owned – and in no way free.” This seems to be where his argument for “democratic control” comes into play: that because the Internet is akin to “an infrastructure like any other, control over [it] should be subject to democratic control.” Since, he argues, we don’t expect a “hands-off approach” to other regulated utilities, why ought we expect it with regards to our digital communications?

The answer is because that “hands-off” approach is how the Internet has evolved into the global innovation platform it is today. The modern Internet’s success can be traced to a 1997 policy memo produced by the Clinton Administration. The U.S. Framework for Global Electronic Commerce outlined 5 guiding principles to facilitate the growth and development of the commercial Internet:

  1. “The private sector should lead.”
  2. “Governments should avoid undue restrictions on electronic commerce.”
  3. “Where governmental involvement is needed, its aim should be to support and enforce a predictable, minimalist, consistent and simple legal environment for commerce.
  4. “Governments should recognize the unique qualities of the Internet.”
  5. “Electronic Commerce over the Internet should be facilitated on a global basis.”

The Internet is a complex ecosystem; when dealing with complexity, the simplest rules are best. DuPont’s argument is that the solution to the encryption debate is eschewing strong, ubiquitous encryption and disregarding the “cyberlibertarian” fabrication “that our digital communications infrastructure was built and thrived as a public sphere.” Embrace the Internet as a government-sanctioned utility monopoly and that will lead to a better reframing of the encryption and online security debate.

Really?

We see the dysfunctionality that grips Capitol Hill–that center of “democratic controls”–and the less-than-stellar service that monopolistic utility companies offer consumers. Do we really want those models to apply to the Internet? Do we really want those models to apply to the proliferation of encryption?

This is an issue that affects the security of dissidents in authoritarian countries, allows journalists to securely communicate with whistleblowers and sources, and protects ordinary Americans’ financial information when engaging in online commerce. DuPont tries to reframe the debate in a wanderlust manner, presenting numerous metaphorical comparisons and ill-defined solutions.

Ryan Hagemann is the technology and civil liberties policy analyst at the Niskanen Center.

Do NOT follow this link or you will be banned from the site!