Off-the-shelf ability to protect your privacy just went up. Facebook knows all your friends, the friends of your friends, and the friends you should have. Google targets ads based on your recent searches. Amazon knows exactly what you want to buy. As convenient as these sites may be, however, it’s really starting to feel like private information…isn’t so private. In a post-Edward Snowden world, lots of folks are concerned.
Telegram, an app designed as a combination between SMS and e-mail, is so confident in its privacy and encryption abilities that the creators offer a $300,000 reward to anyone who can crack it. Telegram has the ability to send messages, photos, videos, and files of any kind to a group of up to 200 people or to a channel of unlimited audiences.
In addition, messages can be set to self-destruct, and deleting a message on one side of a secret conversation will automatically order the app to delete the message on the other end of the conversation as well.
While this app can be used for many beneficial or ordinary activities, there is evidence that members of terrorist organizations have been flocking to Telegram ever since the channel feature was released earlier this year, allowing them to securely communicate with large groups of people. The privacy that Telegram and many other programs offer provides terrorists with the ability “to go dark,” which has prompted law enforcement officials to argue for special access into encrypted systems.
While special access authorized by a warrant is a reasonable step in combating terrorism and criminality, experts believe that granting this type of access would result in substantial vulnerabilities to the cyber-security of many systems and programs, potentially allowing significant damage.
According to technical and encryption experts, America can either have:
- Uncrackable data that is good for cyber-security but bad for law enforcement, or
- Special access, which is good for law enforcement but weakens cyber-security.
(There are, it is worth noting, some challenges to this view that both technologists and law enforcement officials should investigate further.)
While giving U.S. law enforcement officials the tools they need to legally access information is an important part of keeping America safe, special access would create a single point of vulnerability that could be abused by malicious actors.
There are also the potential jurisdictional problems to consider. Mandating police access will deter criminals from using those specific programs and systems to which the police have access. Smart criminals and terrorists need only switch to a foreign provider whose product was built without a mechanism for special access.
Telegram, which was developed by Russians living in Germany, is a perfect example of this problem. It is not a U.S. company. There would be no feasible way, then, to compel Telegram or any other foreign company to build special access into its products.
Unless the government and private sector can demonstrate a secure special access method, the U.S. should not require special access. While the encryption debate pits legitimate government interests against each other, cyber-security concerns and bad actors migrating to platforms like Telegram are realities that should not be downplayed or dismissed.