Should governments be given backdoors to technology products? British PM Theresa May has been waging a long battle against encryption, stating that end-to-end encryption in apps like WhatsApp is “completely unacceptable” and that it provides a safe haven for terrorists.
The argument crops up repeatedly, whenever there is a terrorist incident; governments begin to lean on technology companies to provide ongoing access directly, or via backdoors.
On one hand, while no-one wants to actively support terrorism, backdoors or weakening of encryption introduces great risk – possibly greater than the benefits.
Upon asking 900 attendees at Infosec 2017 whether they would introduce a backdoor into their cloud-based customer data – the responses were almost evenly split with a third stating they would comply, wouldn’t comply, and unsure.
But the experts weren’t so divided. In fact, every security expert we spoke to on camera agreed that backdoors were a bad idea.
A collaborative approach
A digital stalemate will remain as long as governments continue to beat the drum of wanting to weaken encryption or introduce backdoors.
However, this can be potentially resolved by turning the conversation around. Rather than governments dictating methods that are either insecure or not feasible; it should list out its requirements to technology companies. In return the technology and security experts should work through the requirements and make practical and feasible suggestions as to how best to achieve the goals of maintaining privacy and security for customers while being able to conform to legal requests for information.