Interpol Confirms, Denies It's Against Strong Encryption
from the wait-that-sounded-better-before-we-said-it-out-loud dept
The latest law enforcement agency to offer up its opinion on end-to-end encryption doesn't seem to like it either. Joseph Menn reports for Reuters that Interpol is siding with the FBI, DOJ, and a handful of European government agencies in finding that encryption is bad and lets bad people do bad things.
The international police organization Interpol plans to condemn the spread of strong encryption in a statement Monday saying it protects child sex predators, three people briefed on the matter told Reuters.
At the group’s conference in Lyon, France on Friday, an Interpol official said a version of the resolution introduced by the U.S. Federal Bureau of Investigation would be released without a formal vote by representatives of the roughly 60 countries in attendance, the sources said.
This follows the anti-encryption agitating performed by Attorney General William Barr and FBI Director Chris Wray in response to Facebook's announcement it would add end-to-end encryption to its Messenger service, bringing it more in line with Whatsapp, another of Facebook's acquisitions. Both used the specter of child exploitation to argue against this implementation -- an effort to sacrifice the security of millions for some slight gains in law enforcement efficiency.
Sean Gallagher of Ars Technica obtained a draft copy of the resolution, which adds more redundancy to earlier "think of the children" arguments.
The current path towards default end-to-end encryption, with no provision for lawful access, does not allow for the protection of the world’s children from sexual exploitation. Technology providers must act and design their services in a way that protects user privacy, on the one hand, while providing user safety, on the other hand. Failure to allow for Lawful Access on their platforms and products, provides a safe haven to offenders utilizing these to sexually exploit children, and inhibits our global law enforcement efforts to protect children.
Encryption does not "provide safe havens" for child abusers. This is Interpol's version of AG Barr's "lawless spaces" assertions, which doesn't improve at all on Barr's fatuous statements. As former FBI General Counsel Jim Baker recently pointed out, Barr's argument isn't about where the law is being circumvented, but rather about how he doesn't like the way relevant laws work.
So, encryption has not, as the attorney general complained in his speech, really created a “law free zone.” It’s just that the law that applies in this area is not what Barr or the Justice Department want the law to be.
Interpol could not be reached for comment in time for publication but it sure had a lot to say about the issue now that its apparent stance on encryption has been made public. It told the New York Times' Nicole Peroth the Reuters story was inaccurate.
Interpol telling me this Reuter’s story is inaccurate:
Dear Ms Perlroth,
As per our statement there are, and were, no plans at this time for the INTERPOL General Secretariat to issue a statement in relation to encryption.
Regards,
Press Officehttps://t.co/EItFe0D3Je— Nicole Perlroth (@nicoleperlroth) November 18, 2019
If you can't read/see the tweet, it says:
Dear Ms Perlroth,
As per our statement there are, and were, no plans at this time for the INTERPOL General Secretariat to issue a statement in relation to encryption.
This contradicts statements made by conference attendees, who said Interpol's resolution/statement was "due to be published this week." Perhaps Interpol has undergone some hasty reconsideration after reading its own words on the pages of multiple press sites. Or maybe the timetable is off. All Interpol is really saying is that it won't be issuing this "at this time." This isn't a rejection of these articles' substance. It appears to be nothing more than a dispute about when Interpol will take a public stance against encryption.
Or maybe it has decided to let the 60 representatives from countries Interpol serves actually vote on the resolution. This would be a far better route than issuing a resolution unilaterally declaring opposition to encryption that many members may not actually support.
Whatever the case, Interpol's suggestion that encryption's main beneficiary is international crime is shortsighted and selfish. It's also dangerous. In a world filled with cyberthreats, efforts to undermine encryption "for the good of the public" won't actually result in the public being better served. It certainly won't make them any better protected.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: doj, encryption, fbi, going dark, interpol
Reader Comments
Subscribe: RSS
View by: Time | Thread
'Next on the agenda: The biggest gift to criminals EVER'
Nice to know that another agency in charge of catching criminals is against one of the most important protections the general populace has against criminals, laughable non-responses to the contrary.
Reading their twitter 'response' it's important to highlight what isn't in there, namely a declaration that they aren't in fact against encryption and do in fact support something that protects hundreds of millions of people on a regular basis. They could have said 'The article got it wrong, we at INTERPOL fully realize how valuable encryption is to the safety and security of countless people, and as such we would never be in favor of any plans to weaken it via deliberate attempts to break it', but instead they just went with an utterly empty 'this particular person hasn't said anything on the matter yet', which is just all sorts of damning after the article.
As for the draft resolution as quoted in the article, time for another rousing game of 'word swap'.
'The current path towards default closed windows and locked doors, with no provision for lawful access, does not allow for the protection of the world’s children from sexual exploitation. Home construction and decoration providers must act and design their services in a way that protects homeowner privacy, on the one hand, while providing homeowner safety, on the other hand. Failure to allow for Lawful Access on their windows and doors, provides a safe haven to offenders utilizing these to sexually exploit children, and inhibits our global law enforcement efforts to protect children/look through any window/open any door unimpeded.'
Or perhaps swap out some different words...
'The current path towards default privacy, with no provision for lawful hearing, does not allow for the protection of the world’s children from sexual exploitation. Providers of areas that are outside of electronic surveillance must act and design their property in a way that protects speaker privacy, on the one hand, while providing speaker safety, on the other hand. Failure to allow for Lawful recording of any location that could be used for private conversations, provides a safe haven to offenders utilizing these to sexually exploit children, and inhibits our global law enforcement efforts to protect children.
The word they may be using is 'encryption', but what they're really complaining about is privacy, the ability for people to communicate in ways that they can't listen in to, and while it is absolutely true that bad people can make use of that pesky 'privacy' to plan/do/get away with bad things vastly more make use of it in perfectly legal ways, using encryption to protect them from criminals on a scale that would only be dwarfed by the damage that would be caused by undermining it.
[ link to this | view in chronology ]
Spot on.
[ link to this | view in chronology ]
Re: 'Next on the agenda: The biggest gift to criminals EVER'
Or perhaps, "We're not very good at our jobs, so anything that makes them harder means more criminals will get away with it."
[ link to this | view in chronology ]
Next up, Language.
"English Motherfucker. Speak It"
[ link to this | view in chronology ]
Weakening encryption will definitely make it easier to catch criminals by increasing the number of them.
[ link to this | view in chronology ]
If you outlaw encryption only outlaws will have encryption
Entire industries depend on strong encryption not only to curb industrial espionage but also because their communications make them vulnerable to cyberattacks. (I'm following local news of two companies so far paralyzed by successful ransomware attacks.)
Rather than cease doing business, I'm sure these companies will just continue to use strong encryption offerings, open source projects if necessary.
[ link to this | view in chronology ]
What about guardrails?
Guardrails also protect child sex predators. Lots of staircases protected with guardrails are used by child sex predators. Guardrails help them stay on the stairs while dragging their victims to the place of crime.
[ link to this | view in chronology ]
Re: What about guardrails?
Even worse are window blinds that don't let passing police see what's going on inside. We need to get rid of window blinds NOW!
For the children, of course.
[ link to this | view in chronology ]
Dual use technology
Knives can be used to cut up food, but can also be used to kill. Thus, we have to ban all knives (to protect the children).
[ link to this | view in chronology ]
Re: Dual use technology
Sounds absurd, surely they would never consider something like that....
http://news.bbc.co.uk/2/hi/health/4581871.stm
[ link to this | view in chronology ]
Please let this be parody
Wow. Poe factor of 5 at least!
[ link to this | view in chronology ]
Protected?
You know what else protects children from predators? Encryption. Without it, predators can hack the phones of intended victims to tell right where they are 24/7. To monitor their calls, to find their routines, to see if their parents care where their kids are, to read their private messages to family and friends. Hell, with the right skills or enough money to buy the right software, they could remotely activate microphones and cameras on the kid's phones.
[ link to this | view in chronology ]
Bad Guy finds backdoor, exploits it to enter child's phone. Bad Guy tracks GPS position of child and learns patterns. Bad Guy finds perfect time and place to kidnap and sexually exploit child.
[ link to this | view in chronology ]
Re:
And a Ring doorcam catches Bad Guy in the act, as happened recently.
[ link to this | view in chronology ]
146 reasons when they dont need to break encryption
https://www.schneier.com/blog/archives/2019/11/security_vulner_20.html
They just break into the phone.
[ link to this | view in chronology ]
FOR THE CHILDREN!!!
"Technology providers must act and design their services in a way that protects user privacy, on the one hand, while providing user safety, on the other hand."
And unicorns. Not just plain old unicorns... rainbow unicorns. :) With gnomes for jockeys.
"The current path towards default end-to-end encryption, with no provision for lawful access, does not allow for the protection of the world’s children from sexual exploitation. Technology providers must act and design their services in a way that protects user privacy, on the one hand, while providing user safety, on the other hand. Failure to allow for Lawful Access on their platforms and products, provides a safe haven to offenders utilizing these to sexually exploit children, and inhibits our global law enforcement efforts to protect children."
3 sentences, Children 3x's. It's just as bad to exploit children for your anti-privacy agenda ; No?
Its funny how they clamor to end encryption but when asked to provide examples of how it either helped or hindered they run and hide behind national security or some other bullshit to keep from making the case. Of course we know exactly why.
[ link to this | view in chronology ]
Where will it end?
If we give into this idea (and we shouldn't), one has to consider, what will they ask for next?
Authoritarianism is finding its way to you, one disguised step at a time.
[ link to this | view in chronology ]
They were for it before they were against it.
[ link to this | view in chronology ]
Re:
They are for it while they are against it. Only the good guys should have encryption, and they will decide who the good guys are.
[ link to this | view in chronology ]
Every month theres a major hack of private companys database ,s,
consumers data is left exposed or posted on various dark web sites .
Banks and finance and the government use encryption to protect consumers private data ,
saying default encryption should be banned or weakened
will only expose the public to more criminal hackers
or expose more data to hackers from other countrys who may want
to steal military or industrial secrets for various malicious reasons .
[ link to this | view in chronology ]
Well, strong encryption protects people. Insofar as child sex predators are "people" (albeit horrible people), yeah strong encryption protects them too.
[ link to this | view in chronology ]
Every agency uses the same excuse, who is it working on? I don't believe they even care much about stopping child sex predators. Compare the resources Interpol devotes to drug enforcement or copyright infringement, for example.
[ link to this | view in chronology ]
Interpol: a security organization that wasn't able to find its own chief when he went missing.
[ link to this | view in chronology ]
Re:
That's not quite as bad as it sounds, as he disappeared in China. Presumably the Chinese government had him abducted. I don't think I can blame Interpol for losing track of him under those circumstances.
https://www.vox.com/world/2018/10/8/17952378/interpol-meng-china-investigation-corrup tion
[ link to this | view in chronology ]
Another funny..
End to end encryption??
But dont they want your Whole phone to check the other data inside??
Didnt we have laws against the agencies from Monitoring our phones, in the first place?
there are different meanings here..
encryption and compression..
Its a great thing for the corps if we can compress the data(voice or anything else) so that we can keep up the bandwidth. Its your phone that has to de-compress it..but Any phone can do this, its a compatibility issue.
Encryption tends to be Abrupt.. and can be focused to only certain people or person. Both sides Must have Certain things that Match up to Encode and decode. complicated Encoding can really be a Problem and takes time to translate, so (IMO) a live talk isnt that easy.. so this has to be on the Messaging side more then Audio voice(which is generally Only compressed, and why Most phones sound like crap).
so for all the messaging they wish to monitor, Whose PORN are they trying to see?
Then How to use it??
[ link to this | view in chronology ]
You use symmetric encryption, which is much faster, for streams or large quantities of data (with asymmetric encryption to exchange keys if necessary).
[ link to this | view in chronology ]
What we really need
We need encryption that is totally secure. Cannot be broken.
But upon presentation of a judicial warrant, it becomes insecure. It only reacts this way to 'genuine' judicial warrants created with good intentions that truly would further the cause of justice. The algorithm can determine whether the intentions are pure or not.
[ link to this | view in chronology ]
Re: What we really need
Write that algorithm and you will be very rich.
[ link to this | view in chronology ]
"that algorithm"
The problem might be finding police with pure intentions.
[ link to this | view in chronology ]
Re: Re: What we really need
function areIntentionsPure() { return false; }
[ link to this | view in chronology ]
What Google really needs
The original plan behind Google was to collect everyone's data but give only machines (and no human beings) access to it, not just to direct advertisements but also to look at trends.
Sadly, they didn't do that, and not only can Google techs stalk people with incredible efficiency, but Google is having to defend continuously against law-enforcement, often for dubious causes.
For Google's model to work, it needs to be impossible for human beings to look at the plaintext even if they are being compelled by law or gunpoint, while still allowing for algorithms to shuffle the data according to set rules.
[ link to this | view in chronology ]
Law enforcement agency it isn't.
Good article, but one highly pedantic quibble:
Interpol is not a law enforcement agency. In no country in the world does it have the power of arrest, the power to enforce any law.
It is a support agency for law enforcement agencies, in the same way as a laboratory conducting forensic tests would be for the police. Or an educational institution offering forensic courses. Would you call a local lab contracted to test blood for the police a "Law enforcement agency"?
[ link to this | view in chronology ]
Actually, many, many serial killers and child abusers did what they did before the internet or encryption.
This is a war against privacy and security.
[ link to this | view in chronology ]
thank you very nice website article
[ link to this | view in chronology ]