An open letter to Senator Bob Casey on end-to-end encryption

Published 2020-03-07 on Drew DeVault's blog

To Senator Bob Casey, I’m writing this open letter.

As your constituent, someone who voted for you in 2018, and an expert in software technology, I am disappointed in your support of the EARN IT Act. I am aware that encryption is a challenging technology to understand, even for us software engineers, and that it raises difficult problems for the legislature. The EARN IT Act does not protect our children, and it has grave implications for the freedoms of our citizens.

The mathematics underlying strong end-to-end encryption have been proven to be unbreakable. Asking service providers to solve them or stop using it is akin to forcing us to solve time travel or quit recording history. Banning the use of a technology without first accomplishing a sisyphean task is equivalent to banning the technology outright. Ultimately, these efforts are expensive and futile. The technology necessary to implement unbreakable encryption can be described succinctly on a single 8.5”x11” sheet of paper. I would be happy to send such a paper to your office, if you wish. The cat is out of the bag: encryption is not a secret, and its use to protect our citizens is a widespread industry standard. Attempting to ban it is equivalent to trying to ban algebra or trigonometry.

Citizen use of end-to-end encryption is necessary to uphold our national security. One way that child abuse material is often shared is via the Tor secure internet network. This system utilizes strong end-to-end encryption to secure the communications of its users, which makes it well-suited to hiding the communications of child abusers. However, the same guarantees that enable the child abusers to securely share materials are also essential for journalists, activists, watchdog groups - and for our national security. The technology behind Tor was designed by the US Navy and DARPA and the ability for the public to use it to secure their communications is essential to the network’s ability to delivery on its national security guarantees as well.

Protecting our children is important, but this move doesn’t help. Breaking end-to-end encryption is no substitute for good police work and effective courts. Banning end-to-end encryption isn’t going to make it go away - the smart criminals are still going to use it to cover their tracks, and law enforcement still needs to be prepared to solve cases with strong encryption involved. Even on the Tor network, where strong end-to-end encryption is utilized, many child abusers have been caught and brought to justice thanks to good investigative work. It’s often difficult to conduct an investigation within the limits of the law and with respect to the rights of our citizens, but it’s necessary for law enforcement to endure this difficulty to protect our freedom.

End-to-end encryption represents an important tool for the preservation of our fundamental rights, as enshrined in the bill of rights. Time and again, our alleged representatives levy attacks on this essential technology. It doesn’t get any less important each time it’s attacked - rather, the opposite seems to be true. On the face of it, the EARN IT Act appears to use important and morally compelling problems of child abuse as a front for an attack on end-to-end encryption. Using child abuse as a front to attack our fundamental right to privacy is reprehensible, and I’m sure that you’ll reconsider your position.

As freedom of the press is an early signal for the failure of democracy and rise of tyranny, so holds for the right to encrypt. I am an American, I am free to speak my mind. I am free to solve a simple mathematical equation which guarantees that my thoughts are shared only with those I choose. The right to private communications is essential to a functioning democracy, and if you claim to represent the American people, you must work to defend that right.

Have a comment on one of my posts? Start a discussion in my public inbox by sending an email to ~sircmpwn/ [mailing list etiquette]

Are you a free software maintainer who is struggling with stress, demanding users, overwork, or any other social problems in the course of your work? Please email me — I know how you feel, and I can lend a sympathetic ear and share some veteran advice.

Articles from blogs I follow around the net

Achieving accessibility through simplicity

I have received many emails complimenting SourceHut’s simple design and lightweight pages1, but I have received a surprising amount of positive feedback from a particular group of users: the blind community. For many software teams, especially web developers…

via Blogs on Sourcehut May 27, 2020

Status update, May 2020

This month I’ve started working with Valve, the company behind the Steam game platform. I’ll be helping them improving gamescope, their gaming Wayland compositor. Unlike existing compositors, gamescope uses Vulkan and libliftoff. Because these are pretty …

via emersion May 18, 2020

Go Developer Survey 2019 Results

What a response! I want to start with an enormous thank you to the thousands of Go developers who participated in this year’s survey. For 2019, we saw 10,975 responses, nearly twice as many as last year! On behalf of the rest of the team, I …

via The Go Programming Language Blog April 20, 2020

Generated by openring