June 18, 2015
WASHINGTON, DC — In the past year, a conflict has erupted between technology companies and privacy advocates who support the right to use strong encryption and members of the U.S. law enforcement and intelligence communities that believe any encrypted services or products should have built-in backdoors to allow for lawfully authorized surveillance. Reminiscent of the “Crypto Wars” of the 1990s, this debate has rekindled an alliance between industry groups, privacy advocates, and security experts from across the political spectrum in opposition to any government attempts to weaken encryption or insert new vulnerabilities into secure hardware and software. Today OTI is releasing a new report, “Doomed to Repeat History? Lessons from the Crypto Wars of the 1990s,” that tells the story of the original Crypto Wars and draws out lessons that can be applied to today’s debates surrounding encryption.
The release coincides with UN Special Rapporteur David Kaye’s presentation yesterday to the Human Rights Council of his report on how encryption and anonymity are critical to free expression in the digital age. It also comes just one week after the House of Representatives, in an overwhelming bipartisan vote, approved an appropriations amendment that would defund any attempt by the government to request or mandate that tech companies weaken the security of their products to facilitate surveillance.
The new report is the latest in OTI’s series of work on the issue of encryption backdoors, following OTI Director Kevin Bankston’s testimony before the House of Representatives outlining 10 reasons why backdoor mandates are a bad idea, and OTI’s organization of a broad coalition of nearly 150 companies, civil society organizations and individual experts who are pressing the White House to take a stand against backdoors. The report highlights a similar coalition that ultimately won two critical technology policy battles in the 1990s. The first conflict was over the U.S. government’s attempts to promote so-called “key escrow” solutions, such as the much-maligned “Clipper Chip” technology, in which the government or a trusted third party would hold master keys that could decode any encrypted communications; the other over the U.S. government’s attempts to restrict the proliferation of strong encryption products overseas by treating them as munitions subject to export controls. Despite fierce debate, by the end of the 1990s, the resolution was clear: policymakers endorsed the benefits of strong encryption for the U.S. economy, Internet security, and civil liberties, setting the stage for the massive growth of the Internet economy in the early 2000s.
The following can be attributed to Kevin Bankston, Director of New America’s Open Technology Institute and Co-Director of New America’s Cybersecurity Initiative:
“Those who do not learn from history are doomed to repeat it. Since so many law enforcement and intelligence officials today seem ready to start fighting Crypto Wars 2.0, it’s important to reflect on the history of the original Crypto Wars so as not to repeat the mistakes of the past. By the end of the 90s, after nearly a decade of debate, there was a broad bipartisan consensus that policies intended to weaken or restrict access to strong encryption were bad for privacy, bad for security, bad for business, and a bad strategy for combatting crime. Encryption backdoors are just bad policy, period, and that’s as true now as it was twenty years ago--even more so, when we need strong encryption to protect us from a growing range of cyberthreats.”
The following can be attributed to Danielle Kehl, Senior Policy Analyst at New America’s Open Technology Institute:
“The diverse alliance of privacy activists, tech experts, business leaders, and politicians from both sides of the aisle that banded together to fight the Crypto Wars set an example for Internet advocates that has since been followed in other successful campaigns like the fights for strong net neutrality rules and for post-Snowden surveillance reform. We have no doubt that if policymakers fail to heed the lessons of the 1990s — that encryption is good for the Internet economy, cybersecurity, and our civil liberties — an equally powerful and broad alliance will stand up to win the fight for our right to encrypt.”