Should Encryption be enabled by default?

Encryption by default

A revolution of sorts has recently come to light. The revolution of encryption by default. This tiny phrase has big implications for none other than law enforcement. In the past few years the world has become so much more aware of privacy, both from the government and criminals. Our data is now more than ever thrust over the internet and our daily lives are forever interconnected with the internet through the services we use and the lifestyles we now live.

With revelations making our knowledge of privacy more of a concern many of the US based companies who may have fallen fowl of NSA requirements are taking steps to salvage their image by moving towards more secure methods of storage or systems that encrypt and protect our privacy by default.

One of the first companies to jump on the encryption bandwagon was Google when it suddenly introduced secure searching with the introduction of it’s SSL based search. The standard http://google.com was replaced with https:// making use of SSL to encrypt the connection between yourself and Google. While introduced after the wake of the Edward Snowden revelations the actual purpose is far more important that thwarting governmental spying by protecting users search requests when using public wi-fi, internet cafes and other public locations.

The introduction of a secure search is impressive although it does not remove the fact that it is still possible for other parties to know you visited Google and the search terms that you typed which for example can be passed on to the sites that you eventually click. It is possible for any site, even ones such as this to see what search term you typed that eventually brought you to ours and other sites.

The debate has been furthermore enhanced recently with the decision by Apple to employ file encryption on its iOS 8 software for which it has no keys to unlock the data. While Google have not done so yet it has stated that it will be introducing a similar feature in the next release of Android.

Default encryption of this sort has come under fire from organisations such as the FBI. The head of the FBI, James Comey recently stated “What concerns me about this is companies marketing something expressly to allow people to place themselves beyond the law“. His statement was given in relation to the push towards encryption on mobile devices with the likes of iOS 8 and planned Android upgrade in which he states that the FBI are concerned that it may allow devices of criminals and terrorists to become closed off in investigations.

Previously with the aid of the software companies, law enforcement may have been able to gather data from such devices, but with the advent of encryption without the key to unlock it, it could lead to a situation where data is inaccessible even to agencies such as the FBI.

However while such a situation is good for privacy advocates it may cause concern for any genuine user who has reservations about criminals and terrorists being able to become immune in regard to their device usage. Panic and fear should be set aside as one forensic researcher with an interest in iOS had already stated that the encryption does not mean that law enforcement could not gain access to your data via some other manner. Jonathan Zdziarski stated “this does not mean that the police can’t get to your data. What Apple has done here is create for themselves plausible deniability in what they will do for law enforcement.

So while Apple may be appealing to public perception, especially in relation to how they assist law enforcement, it does not mean that with good old detective work and forensic investigation that data on criminals devices could not be accessed.

A thin line between encryption/privacy and what is required to keep up safe is developing and one question that is going unanswered. While revelations have lead many of us to be concerned about our privacy the simple fact remains that whatever technology is available to decent law abiding citizens is also available to criminals and terrorists. It appears the years of easy investigation through simple back doors available to law enforcement are gone and new tactics will need to be employed in the future to stay ahead of the curve and catch those criminally minded.

Image courtesy of Stuart Miles at FreeDigitalPhotos.net

Christopher Seward

Author: Christopher Seward

After 25 years of using the internet, Christopher launched one of the very first VPN comparison websites in 2013. An expert in the field his reviews, testing and knowledge have helped thousands of users get the correct VPN for their needs.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up to our newsletter

Get the latest privacy news, expert VPN guides & TV unblocking how-to’s sent straight to your inbox.