I’m a “follow the money” guy and the only thing I can think is that back dooring encryption helps the largest tech companies, because only they will be able to do it “safely”. In a world where all online vendors back door their encryption, you want the largest companies to do it “right”.
Obviously this is very dumb and shouldn’t happen. But I simply can’t understand pure motivations for dumping millions into weakening encryption. There must be some financial incentive for someone.
The largest tech companies (think Meta, Apple, Google to some extent) currently have most of your private data, and have largely made the decision to encrypt it. Presumably they’ve decided that they have enough user data to suit their advertising needs, and this private stuff (DMs etc.) is both a legal liability and a threat to their reputation with customers. Even Mark Zuckerberg is pretty militantly pro-encryption now and is risking a lot of political blowback to encrypt Messenger and Instagram DMs.
My unsubstantiated theory is that some corporate interests are aware of this, and this data continues to be valuable to them, even if its current custodians don’t want it. That means there is presumably a pool of tech companies and government contractors who see this data being under-exploited and want access to the revenue from mining it. Promoting new laws like anti-CSAM scanning regulations provide them with an “in” to that data they wouldn’t otherwise have: at very worse they can sell scanning solutions. And maybe as the laws metastasize they can use them to perform even more sophisticated data mining on private texts, and even produce byproducts that they can monetize in other ways.
> But I simply can’t understand pure motivations for dumping millions into weakening encryption.
It will generate a few reports to law enforcement, when a very few very stupid or careless criminals mess up. And it will keep a few copies of certain images from getting forwarded.
That's it. That's your pure motivation. These are true fanatics.
The fact that law enforcement already has more reports than it can handle doesn't matter. There's always a chance that one of them could be actionable.
The fact that the same images are still going to circulate through other channels, and that most people who want them will still find them, doesn't matter. There's always a chance that one person won't get a copy.
The fact that the responses will often be ineffective doesn't matter. At least somebody will get a chance to try.
The fact that the system can be repurposed to create a police state doesn't matter, because one incident of CSA outweighs anything else that could happen. If it saves just one child, nothing else matters. Oh, and by the way, sexual abuse is the worst thing that could possibly happen to any child, including murder.
The fact that the data will be abused for CSA does not compute. Of course all the people working against this scourge will be pure of heart. And of course a giant database can be made perfectly secure if you just nerd harder.
The fact that police states are dangerous places for children also does not compute. Because that would mean that there was nothing to do about the most important problem that could ever exist. And that can't be, because we live in a just world.
It's harder to run targeted ads if the data is encrypted.
Sometimes I feel that it's less about money and more about control, but control, in a weird future sense. I wonder if the thought process is, "we should collect this now, so we can use it later," without ever really knowing what it will be used for later.
It's so strange to see tech companies fight for encryption, not only Apple, which also has a large ad business, but even Meta and Google, which are almost entirely ad-funded, only to see people on HN speculate about how ads are the reason for the fight against encryption.
The article says the organization behind this is the Hopewell Fund. Here's that fund's Form 990.[1] The long list of organizations they support, and how much each got from them, starts at page 41. They also run ad campaigns of their own and spend a lot of money with Perkins-Cole, a law firm. They seem to fund a long list of nonprofits doing all sorts of things. Somewhere in that list may be an anti-encryption organization. Can anyone find it?
Obviously this is very dumb and shouldn’t happen. But I simply can’t understand pure motivations for dumping millions into weakening encryption. There must be some financial incentive for someone.