The United States Congress is considering a law that would ruin online privacy and security as we know it. If this bill passes, the internet’s overall security will be dramatically weakened. Storing our data on our smartphone or conducting business online will become much riskier. If there’s a backdoor in encryption, it is only a matter of time before hackers discover it and exploit it.
Once these vulnerabilities are built into platforms, the key to exploiting them will become the number one target of every hacker. Keeping these keys secure will be almost impossible. The US government has failed at this task in the past, like when a group known as the Shadow Brokers stole and published CIA hacking tools.
ProtonMail Blog: America’s LAED Act encryption ban must be stopped
The law would ban end-to-end encryption for large companies and require developers to break their own products at the request of law enforcement agencies.
This bill also attacks the encryption system that keeps the entire Internet secure. The LAED Act would require a backdoor to HTTPS, the system that secures almost all websites with TLS encryption, so that law enforcement could access encrypted metadata. Without HTTPS, attackers can trace your online activity from site to site. If HTTPS were to be broken it would fundamentally alter how the Internet worked.
However, if this bill is passed, the Internet’s overall security would dramatically decrease. Storing any personal data on your smartphone or conducting business online would become much riskier. As long as there is a backdoor in encryption, it is simply a matter of time before hackers discover it and exploit it.
This is an explicit attack on encryption that rejects the advice of virtually every security researcher. The problem, as we have stated again and again, is that any encrypted platform with a backdoor is fundamentally insecure. There is no such thing as a backdoor that only lets the good guys in. If there is a vulnerability, eventually, someone will find it and exploit it.
Once these vulnerabilities are built into platforms, the key to exploiting them will become the number one target of every hacker. Keeping these keys secure would be almost impossible. The US government has failed at this task in the past, like when a group known as the Shadow Brokers stole and published CIA hacking tools.
If every communications service has a backdoor, then the entire premise of the Internet as we know it collapses: The Internet and all the knowledge-sharing, self-expression, and economic transactions it enables could not function without encryption. If people are afraid that hackers will read their emails or steal their credit card numbers, the Internet will become useless.
If you are an American who is worried about your right to privacy, you should call or write to your representatives in Congress and tell them you are against the LAED Act. By voicing your support for strong encryption, you will be contributing to the fight to keep the Internet secure, private, and free.
The Reform Government Surveillance Coalition (RGS) which includes Silicon Valley tech corporations Apple, Facebook, Google, Twitter, LinkedIn, Microsoft, DropBox, Snap, and Verizon Media are in opposition to LAED. Let’s join them in stopping this law dead in its tracks.
June 25, 2020
The Reform Government Surveillance Coalition strongly opposes the Lawful Access to Encrypted Data Act. This bill would require companies to build encryption backdoors that would jeopardize the sensitive data of our billions of users and the security of our products and services. It would leave all Americans, businesses, and government agencies dangerously exposed to cyber threats from criminals and foreign adversaries, and make us all less safe.
The global pandemic has forced everyone to rely on the internet in critical ways, making digital security more important than ever before for our economy and national security. Strong encryption provides users, businesses, and our government with the important tools they need to keep us protected.