{"id":62276,"date":"2016-12-23T00:00:00","date_gmt":"2016-12-23T00:00:00","guid":{"rendered":"http:\/\/blog.mozilla.org\/foxtail\/2016\/12\/23\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/"},"modified":"2021-02-09T05:41:53","modified_gmt":"2021-02-09T05:41:53","slug":"now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption","status":"publish","type":"post","link":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/","title":{"rendered":"Now We All Agree: There are no safe backdoors when it comes to encryption"},"content":{"rendered":"<p>There are many recent examples of the threats to Internet security. We\u2019ve talked about how<a href=\"https:\/\/blog.mozilla.org\/blog\/2016\/09\/13\/cybersecurity-is-a-shared-responsibility\/\"> protecting cybersecurity is a shared responsibility<\/a> and we see increased need for governments, tech companies and users to work together on topics like encryption, security vulnerabilities and surveillance.<\/p>\n<p>The most well known example is the Apple vs FBI case from earlier this year. In this case, law enforcement officials said they were unable to access encrypted data on an iPhone during an investigation. The FBI wanted to require Apple to create flawed versions of their software to access encrypted data on an iPhone of a known criminal.<\/p>\n<p>Mozilla<a href=\"https:\/\/blog.mozilla.org\/blog\/2016\/03\/16\/user-security-relies-on-encryption\/\"> argued in statements and filings<\/a> that requiring tech companies to create encryption backdoors for law enforcement to decrypt data would 1) weaken security for individuals and the Internet overall, defeating the purpose of creating such technology in the first place and 2) set a dangerous precedent in the US and globally for governments to require tech companies to make flawed versions of software that would be vulnerable to criminals (not just government hacking).<\/p>\n<p>We said there were other ways the FBI could access this data, as did Apple and many other tech companies. Mozilla also launched a<a href=\"https:\/\/advocacy.mozilla.org\/en-US\/encrypt\/social\/1\"> global encryption advocacy and education campaign<\/a> just days before news of the Apple vs. FBI case broke. The FBI found alternate methods to get the data (spending more than $1 million on a hacking tool) and dropped the case, without disclosing any details to Apple to help the company patch the software and protect its users.<\/p>\n<p>This case is important for many reasons. One of the most important is that it created mainstream discourse about some very important topics relevant to all Internet users \u2013 encryption, user security and government access to data. Government access to encrypted data isn\u2019t a new topic, but I love that this case created more awareness and discussion about what needs to change to balance the needs of national and individual security in today\u2019s fragile cybersecurity reality.<\/p>\n<p>The bipartisan Congressional Encryption Working Group was created in the wake of the Apple vs FBI case. This working group was formed because \u201cthe case, and the heated rhetoric exchanged by parties on all sides, reignited a decades &#8211; old debate about government access to encrypted data.\u201d<\/p>\n<p><a href=\"https:\/\/judiciary.house.gov\/wp-content\/uploads\/2016\/12\/20161220EWGFINALReport.pdf\">The Encryption Working Group just released their end of year report<\/a>, which concludes encryption backdoors do more harm than good. While there are law enforcement challenges to accessing encrypted data, \u201cstakeholders from all perspectives acknowledged the importance of encryption to our personal, economic, and national security.\u201d<\/p>\n<p>The report talks about the profound impact that encryption has had on law enforcement investigations and the \u201cgoing dark\u201d phenomenon, but cautions that there is no \u201cone-size-fits-all\u201d solution to the encryption challenge. The report calls for next steps including \u201cexploring opportunities to reduce the knowledge and capabilities gap between law enforcement and the technology community.\u201d Helping to close this gap and solve for the \u201cgoing dark\u201d phenomenon is something Mozilla is committed to and well suited to do as part of our mission.<\/p>\n<p>The report included questions about other important cybersecurity issues that the Apple vs. FBI case raised in relation to encryption, including two Mozilla has strongly worked on reform to \u2013 government hacking and<a href=\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/09\/19\/improving-government-disclosure-of-security-vulnerabilities\/\"> government disclosure of security vulnerabilities<\/a>.<\/p>\n<p>You can <a href=\"https:\/\/blog.mozilla.org\/netpolicy\/2016\/12\/22\/bipartisan-congressional-group-confirms-encryption-backdoors-are-unnecessary\/\">read the Mozilla Policy blog post<\/a> from Heather West for more information, but I\u2019ll leave you with the closing to the Encryption Working Group report because I think it nicely echoes what Mozilla and I personally have been advocating for in cybersecurity this year.<\/p>\n<p>\u00a0<\/p>\n<blockquote><p>\u201cWe must strive to find common ground in our collective responsibility: to prevent crime, protect national security, and provide the best possible conditions for peace and prosperity. That is why this can no longer be an isolated or binary debate. There is no \u2018us versus them,\u2019 or \u2018pro-encryption versus law enforcement.\u2019 This conversation implicates everyone and everything that depends on connected technologies including our law enforcement and intelligence communities.<\/p>\n<p>This is a complex challenge that will take time, patience, and cooperation to resolve. The potential consequences of inaction\u2014or overreaction\u2014are too important to allow historical or ideological perspectives to stand in the way of progress.\u201d<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>There are many recent examples of the threats to Internet security. We\u2019ve talked about how protecting cybersecurity is a shared responsibility and we see increased need for governments, tech companies and users to work together on topics like encryption, security vulnerabilities and surveillance. The most well known example is the Apple vs FBI case from [&hellip;]<\/p>\n","protected":false},"author":563,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5],"tags":[],"coauthors":[],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Now We All Agree: There are no safe backdoors when it comes to encryption<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/\",\"url\":\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/\",\"name\":\"Now We All Agree: There are no safe backdoors when it comes to encryption\",\"isPartOf\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/#website\"},\"datePublished\":\"2016-12-23T00:00:00+00:00\",\"dateModified\":\"2021-02-09T05:41:53+00:00\",\"author\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/a4c77c94853bf9dbb79a9a206322d6ec\"},\"breadcrumb\":{\"@id\":\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/blog.mozilla.org\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Now We All Agree: There are no safe backdoors when it comes to encryption\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#website\",\"url\":\"https:\/\/blog.mozilla.org\/en\/\",\"name\":\"The Mozilla Blog\",\"description\":\"News and Updates about Mozilla\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/blog.mozilla.org\/en\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/a4c77c94853bf9dbb79a9a206322d6ec\",\"name\":\"Denelle Dixon\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/image\/1720f6d7063c89117905d2c75f3b155a\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/4e1edda1af518a1659f0bae91f9fab03?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/4e1edda1af518a1659f0bae91f9fab03?s=96&d=mm&r=g\",\"caption\":\"Denelle Dixon\"},\"description\":\"Denelle Dixon-Thayer is Chief Legal and Business Officer at Mozilla Corporation\",\"url\":\"https:\/\/blog.mozilla.org\/en\/author\/ddixonmozilla-com\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Now We All Agree: There are no safe backdoors when it comes to encryption","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/","url":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/","name":"Now We All Agree: There are no safe backdoors when it comes to encryption","isPartOf":{"@id":"https:\/\/blog.mozilla.org\/en\/#website"},"datePublished":"2016-12-23T00:00:00+00:00","dateModified":"2021-02-09T05:41:53+00:00","author":{"@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/a4c77c94853bf9dbb79a9a206322d6ec"},"breadcrumb":{"@id":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/blog.mozilla.org\/en\/mozilla\/now-we-all-agree-there-are-no-safe-backdoors-when-it-comes-to-encryption\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/blog.mozilla.org\/en\/"},{"@type":"ListItem","position":2,"name":"Now We All Agree: There are no safe backdoors when it comes to encryption"}]},{"@type":"WebSite","@id":"https:\/\/blog.mozilla.org\/en\/#website","url":"https:\/\/blog.mozilla.org\/en\/","name":"The Mozilla Blog","description":"News and Updates about Mozilla","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/blog.mozilla.org\/en\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/a4c77c94853bf9dbb79a9a206322d6ec","name":"Denelle Dixon","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blog.mozilla.org\/en\/#\/schema\/person\/image\/1720f6d7063c89117905d2c75f3b155a","url":"https:\/\/secure.gravatar.com\/avatar\/4e1edda1af518a1659f0bae91f9fab03?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/4e1edda1af518a1659f0bae91f9fab03?s=96&d=mm&r=g","caption":"Denelle Dixon"},"description":"Denelle Dixon-Thayer is Chief Legal and Business Officer at Mozilla Corporation","url":"https:\/\/blog.mozilla.org\/en\/author\/ddixonmozilla-com\/"}]}},"_links":{"self":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts\/62276"}],"collection":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/users\/563"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/comments?post=62276"}],"version-history":[{"count":0,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/posts\/62276\/revisions"}],"wp:attachment":[{"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/media?parent=62276"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/categories?post=62276"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/tags?post=62276"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/blog.mozilla.org\/en\/wp-json\/wp\/v2\/coauthors?post=62276"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}