Print Friendly and PDF
only search openDemocracy.net

Right to privacy requires encrypted messaging

Some tech companies ensure encryption for instant messaging, but others don’t—and there’s no good reason not to in order to ensure our privacy rights are respected. Español

Imagine, everyone on the planet has access to internet beamed from the sky; billions have ultra-fast access though 6G mobile networks. The network is everywhere. One trillion connected sensors in cars, homes, factories, streets and highways monitor everything from our vital signs to air pollution and goods moving through supply chains. Every data point is recorded, analyzed, combined, and used to make near instantaneous, automated decisions.

Welcome to 2036, a world where privacy is dead—unless the protection of privacy becomes a core principle in the design and use of these technologies. Last month, Amnesty International released its ranking of 11 companies on their key policies and practices related to encryption and human rights. We ranked the companies behind the world’s most popular instant messaging apps and rated them on how they recognize risks to privacy and freedom of expression, how they mitigate against these risks through the use of encryption and how they communicate thee risks to their users.

Central to our ranking is whether companies are using end-to-end encryption in their apps. This is a method that scrambles information sent between the sender and the recipient so that only you and the friends, family and co-workers you communicate with, can read it. With end-to-end encryption, even the companies running the apps cannot read the communication.

While we’re used to tech companies using our data to sell ads, many have accepted that people expect more privacy in instant messaging. Whether it’s Apple, which does not rely on ad revenue, or Facebook, which relies on ads for almost all its profit, these companies and other smaller ones now apply end-to-end encryption for apps like iMessage, WhatsApp and Line.

On the other hand, Snapchat, Skype and Blackberry Messenger are among the apps still missing this necessary feature. There is really no excuse: the technology is readily available, the risks to our information from mass surveillance and cybercrime are well known, and encryption has been recognized by the UN High Commissioner for Human Rights as an enabler of human rights.


Pixabay/bykst (Some rights reserved)

With so much of our personal, financial and professional information online, we should use the best technology to protect it.


A complaint we often hear about end-to-end encryption comes from law enforcement agencies, who complain that it prevents them from accessing information necessary to prevent and investigate crime. In many countries, senior security officials and politicians have alluded to—or explicitly called for—a ban on end-to-end encryption. These calls are misinformed, misguided or disingenuous.

We don’t deliberately manufacture flawed house locks or give a master key for the front door to the local police. Firstly, stronger encryption provides stronger information security. With so much of our personal, financial and professional information online, we should use the best technology to protect it. We don’t deliberately manufacture flawed house locks or give a master key for the front door to the local police. Does it mean it’s harder to open? Yes, and it should be.

Can someone use technology, whether it’s locks, GPS, or cars to commit crime? Of course they can, but it doesn’t mean we should make them less safe, reliable or efficient for everyone else.

Secondly, forcing big companies to forgo end-to-end encryption won’t stop even moderately sophisticated criminals from using it. The technology is free, widely available and can be duplicated with relative ease. All we would achieve by restricting the use of end-to-end encryption is to undermine the information security of billions of people, while doing nothing to stop criminals from using the technology.

The idea that all communications should be accessible was unheard of until some governments started asserting it in the past few years. In the thousands of years of human civilization, when you had a conversation in private with someone, it stayed private unless one of two things happened: one of you talked about it or there was a spy—or spying equipment—hiding somewhere and listening in.

Imagine how history would be different if people couldn’t trust in the privacy of their conversations. Would we still believe the earth was flat and bow to divine kings? Would science and music have flourished as they have? Would you be with your partner? The ideas that change our lives and our world often start in private. The moonshots that make the impossible real often start as crazy exchanges of ideas between a few people.

The vision of the future I imagined at the beginning of this article is—if anything—a sedate one. In the next few years, mixed reality will likely overtake smartphones as the most advanced computing and communications platform. Glasses and other devices will superimpose a digital reality on top of our physical world. Virtual reality will advance to the extent that people will have regular social gatherings, work meetings and even relationships in virtual constructs. Artificial intelligence—already advancing much faster than anyone would have predicted a few years ago—will power financial, healthcare and government information systems.

All these technologies will produce and process increasing amounts of data about every aspect of our lives. Technology can better our lives, but not if privacy is destroyed along the way. Privacy is critical to human progress and we must defend it against those who want to destroy it for their own gains.

In Amnesty’s report, we chose to focus on instant messaging for a simple reason: it’s the most private form of digital communication for the billions of people who have access to the internet. To protect the right to privacy now and in the future, we have to protect our ability to use the best privacy-protecting technology, like end-to-end encryption.

Companies like Blackberry, Microsoft (which owns Skype) and Snapchat need to adopt end-to-end encryption technology in their messaging products. Others like Apple and Facebook who already use the technology need to better communicate to their users when their messages are protected and when they’re not. In our assessment, it was clear that even the companies that topped our ranking, only did so because other companies did worse—they all had room to improve even on this narrow, but vital, aspect of privacy.

About the author

Sherif Elsayed-Ali is Deputy Director of global issues at Amnesty International. He directed Amnesty’s work on refugees and migrant rights for several years until June 2016.

Sherif Elsayed-Ali es director adjunto de asuntos globales en Amnistía Internacional. Dirigió el trabajo de Amnistía en materia de derechos de los refugiados y migrantes durante varios años, hasta junio de 2016.

Sherif Elsayed-Ali est directeur adjoint d’Amnesty International pour les thématiques mondiales. Il a coordonné les activités d’Amnesty sur les droits des réfugiés et des migrants pendant plusieurs années, jusqu’en juin 2016.

Read On

More On

Subjects

We encourage anyone to comment, please consult the
oD commenting guidelines if you have any questions.