Politicians propose to forbid all buildings from having doors. After all "bad people/stuff etc." could lock the doors and hide behind them. Anyone arguing against that is obviously against safety.
Counterpoints:
- Do we currently have a big door problem?
- Wait, don't doors also serve an important function?
- Won't that make everybody much more insecure and basically do nothing against "bad stuff"?
- What if I put a wooden plank in front of the hole in my building? Wouldn't that be a "door"? Making doors illegal is not going to stop people from making "doors".
Now, people like to spin this analogy further and revise their proposal and say "Fine, keep your doors, but I get a spare key for every door made".
Problems with this:
- Yes, you and everyone in your office can grab the spare key and steal all my stuff (see TSA locks and basically any time in history that was tried).
- Remember the wooden plank above? That guy will not give you a spare key and can still hide "bad stuff".
- Fine, we will just use magical (blockchain) keys that nobody can steal and not make things insecure, but have an officer visit and inspect every room you have every 5 minutes. You have nothing to hide, do you?
I'm not sure this is a great analogy as yes, we permit people to have doors and locks but society also provides a mechanism for the government to lawfully get access to them. If the Police have a legit reason to access a property they go to court and get a warrent, and if they need to they'll kick the door in to get in.
The current government requests to be able to access encrypted info with a warrent are an extension of what currently happens in physical space.
"If the Police have a legit reason to access a property they go to court and get a warrent, and if they need to they'll kick the door in to get in."
That's what currently takes, place, Government doesn't have the keys, they have to use force to get in, or other methods. (However there are physical limits to materials, so there is usually a way to break in)
But, by having a special key that opens all the doors, anyone could copy it - yes rules can put in place to who as access, etc, etc, but by knowing there is a "hole" in each device, every possible malicious agent will try and break it as soon as possible. Then what?
We have seen examples by Law Enforcement officers using accesses to gather data that would required a court order, but they didn't have one, and it was for personal reasons. So, how does that work out?
The police are not the only ones who can get a battering ram.
>But, by having a special key that opens all the doors, anyone could copy it - yes rules can put in place to who as access, etc, etc, but by knowing there is a "hole" in each device, every possible malicious agent will try and break it as soon as possible.
This is true in theory but it this a risk in practice?
>We have seen examples by Law Enforcement officers using accesses to gather data that would required a court order, but they didn't have one, and it was for personal reasons. So, how does that work out?
TLDR: yes. Especially for companies and political dissidents (because countries, including the US, have used their secret and not-so-secret services to go after these. China vs Dalai Lama seems to be a rather well-known example, as is the theft of Airbus secrets by the NSA (not that the EU didn't do the same to Boeing). And if you can't trust the NSA with those keys, who exactly do you suggest we trust ?)
> You sue for damages under section 1983.
Ok, well let's keep in mind that this police officer was not convicted:
Note the duration of time these police officers were allowed to proceed, even after complaints were filed. Years.
The problem with any system that consists of people, is that people can be total immoral and criminal. Including, of course, Law enforcement, even judges. That means that we should make such systems safe even if groups of people within them conspire to commit crimes. Failure to do so can result in incredible damage to people. For a very recent example:
TLDR: the major, police, social workers, youth services and psychiatrists conspired to kidnap children and sell them to brothels, sex shop owners, and whoever else paid them ... out of hundreds of children stolen in this way, 2 have been returned after these people got caught.
Of course it was subsequently revealed that there are multiple dozen municipalities where such conspiracies existed. The state immediately intervened to stop all investigations except the one that had already made the paper "la Republica".
There is not a single European country where members of youth services haven't been caught doing the same, from Romania, to Sweden, to France, to the Netherlands.
A police officer does not need to be convicted criminally for you to get money from the state. If they've treated you unconstitutionally or unlawfully you're within you're rights to sue for damages under section 1983.
A police officer does not need to be convicted criminally for you to get money from the relevant government. If they've treated you unconstitutionally or unlawfully you're within you're rights to sue for damages under section 1983.
How do you know nobody has a copy of your house key? I live in an apartment building and it's actually mandatory for the super to be able to enter my apartment in emergencies so he has a key.
I do not know that there is no one out there in the world who has a key to my house. Even if there was and someone found that key on a city street they would likely not be able to figure out which house it opened.
I know there is no legally mandated key to everyone's house that would allow anyone to enter whomever's house they please.
If an officer does something that should require a court order and don't have one then they end up prosecuted in the same way a criminal would be. You put checks and balances in place to make sure that they are caught.
The problem is using "the enforcer," breaking in, and taking file cabinets is loud and obvious. Accessing your gmail account and dumping its entire history takes seconds and is entirely unnoticeable.
You can't compare physical and digital privacy, why are people still trying it?
> The current government requests to be able to access encrypted info with a warrent are an extension of what currently happens in physical space.
The key difference, to me, is that the current setup where the police can kick in the door to get in does not require subjects to make it any easier / more convenient for the police. If they have to raid and break in and get an approval, they will, but I am not required to arrange my locks or my furniture to help.
In fact, I am free to do the opposite. For example, I can put the things I do not want to share (private photos, detailed plans to become the world dictator, etc.), in an incinerator safe and try to destroy them if the doors are flying in. My 2c.
Shouldn’t they come to me then and look into my phone instead of constantly looking into my messages on the server?
I think the door is a great analogy.
Right. I believe it’s just laziness on their part. If the crime is abusing children, go catch the guys doing the abuse. If you’re worried someone is in possession of illegal materials go get a warrant and search their home/computer, etc.
There's no such thing as a perfect analogy because the entire point of an analogy is it takes an argument and reframes it in a different context. Different contexts have different edge cases and thus no analogy fits an argument perfectly.
Given this door analogy works for the majority of the arguments being presented (which is impressive in itself given how different the physical and electronic worlds are), I'd say it's actually a pretty good analogy.
Any analogy has its limitations, but I think it is helpful for talking about things like "back doors" (and how that is no different from not having doors at all) or how a proposal is basically only "unintended" consequences and no gain. Feel free to suggest a better analogy.
The main difference where this analogy breaks down is that it is much easier to build practically unbreakable encryption (assuming P != NP), versus practically unbreakable doors or safes.
Warrants give the government the legal right to access private materials or information. It allows them to use measures that would normally be illegal, to gain that access.
This is equally true for doors or encryption. If the government has a warrant for some data, they can attack the computing system that holds the data--just like trying to kick down a door.
They do this successfully all the time. Encryption is math in theory, but in practice it is implemented in hardware and software, neither of which are perfect. They are usually breakable.
The FBI made a big stink about forcing Apple to help them break the encryption on an iPhone. The FBI's own inspector general said that the FBI did not try hard enough to break into the phone before they went to court. And ultimately the FBI did break into that phone and access the data!
There is no need for a special law weakening encryption.
You don't have to go down to your police station with a copy of your key every time you change you lock, which some of the "solutions" imply. Further, there are no laws for how strong of a door you can build: you're more than welcome to have a safe with a 3-ft thick steel door and an unpickable lock, that'd take a professional a month to get through.
If the government of a wealthy nation state decides to read messages a given group of people have been sending to each other using user-friendly consumer chat services, it will succeed.
It just can't do so casually, with minimal resources, with a low probability of detection like it can when those messages are sent in the clear. A targeted cyberattack authorized by a warrant is the digital equivalent of sending a SWAT team to kick in a door.
They can get a warrant and have a court compel you to provide passwords already. That's equivalent to locked doors. What they want is the ability to go through peoples stuff without them knowing (via court order or not isn't even the point). Its not at all like the physical world.
The police, the government, the intelligence agencies and so on are not abstract entities, they are composed by people at all levels, in a capitalist economy, with human biases and wishes. There are plenty of documented examples of abuse of this kind of access for fun and profit.
And besides those not-so-abstract entities, they have contractors from private companies and corporations that aren't abstract neither, but even in abstract mode are driven by profit, not respecting your privacy/security/economy.
> (see TSA locks and basically any time in history that was tried).
For anyone unaware, the TSA lock master key was leaked by including a photo of an actual master key in a newspaper article about said locks. I don't think encryption keys shared with police/govt. will be any safer.
Everyone knows that encryption master keys will go exactly the same way -- they'll leak eventually (maybe there'll be a newspaper article with a picture of the master key).
The pursuit of lock-picking is as old as the lock, which is itself as old as civilization. But in the entire history of the world, there was only one brief moment, lasting about 70 years, where you could put something under lock and key—a chest, a safe, your home—and have complete, unwavering certainty that no intruder could get to it.
This is a feeling that security experts call “perfect security.” Since we lost perfect security in the 1850s, it has remained elusive. Despite tremendous leaps forward in security technology, we have never been able to get perfect security back
To counter that metaphor, what would the objection be to doors that lock, but the police are given a master key?
There are a few obvious issues with centralisation and the possibility of bad actors on the police, but I’m not sure how persuasive it is against “think of the children!!”
Every power any government has ever been given has been abused. Best to limit any government as much as reasonable.
Most places where child endangerment is/would happen is already encrypted, and it doesn't seem to be significantly hindering investigation. Beyond this, requiring a master key won't stop independent implementations that don't have such a thing.
It's like criminals are willing to break the law or something. Areas with strict gun control still have gun crimes, and people willing to endanger children would still use encryption without said back door.
The objection is they'll lose it, and locks will be useless. See: TSA locks are now useless because the TSA leaked images of the master keys, which anyone can create now.
Counterpoints:
- Do we currently have a big door problem?
- Wait, don't doors also serve an important function?
- Won't that make everybody much more insecure and basically do nothing against "bad stuff"?
- What if I put a wooden plank in front of the hole in my building? Wouldn't that be a "door"? Making doors illegal is not going to stop people from making "doors".
Now, people like to spin this analogy further and revise their proposal and say "Fine, keep your doors, but I get a spare key for every door made".
Problems with this:
- Yes, you and everyone in your office can grab the spare key and steal all my stuff (see TSA locks and basically any time in history that was tried).
- Remember the wooden plank above? That guy will not give you a spare key and can still hide "bad stuff".
- Fine, we will just use magical (blockchain) keys that nobody can steal and not make things insecure, but have an officer visit and inspect every room you have every 5 minutes. You have nothing to hide, do you?