Connect with top gaming leaders in Los Angeles at GamesBeat Summit 2023 this May 22-23. Register here.
End-to-end encryption just got massive! Whatsapp, the Facebook-owned messaging app, just enabled default encryption mode for all of its 1 billion users, and they seem to love it.
This is huge. Millions of Internet users now suddenly not only talk about encryption but have also started using it in their daily communication. It sounds like a privacy enthusiast’s wildest dream — to wake up to a world in which everybody uses encryption, and a solid one at that.
Maybe Facebook will follow? We’ll see.
At the same time, the FBI-Apple battle seems to be over. For now. But what we’ve just witnessed is the first battle of an attrition war for laws and policies targeting better cyber security at the cost of people’s privacy.
Intelligent Security Summit On-Demand
Learn the critical role of AI & ML in cybersecurity and industry specific case studies. Watch on-demand sessions today.
It’s also a story of double standards, where the US government applies different rules based on the size of the company it is fighting.
At one extreme stands Lavabit, the small tech startup whose encrypted email service Edward Snowden used, that, hopeless against the Kafkaesque bureaucracy and governmental supremacy, was forced to shut down back in 2013 after being pressured to surrender its encryption keys to the FBI. At the other we have a tech giant that was – fortunately — approached differently by the state and was able to defend its users’ privacy in the end. This time, the FBI chose not to file the order under seal as it did with Lavabit. It wanted Apple to be in the full spotlight of public opinion. But we can agree that the effect was unexpected.
Snowden described the Apple vs. FBI story as the “most important tech case in a decade.” He also said that the FBI had alternative methods “since the ’90s” that would allow it to access to the information from the phone.
The FBI urged Apple to create a custom operating system, citing an 18th-century law called All Writs Act, that would allow the policing agency to brute-force itself into an iPhone 5C that belonged to a San Bernardino shooter.
The US government dropped its legal case against Apple two months later, claiming it had accessed the San Bernardino shooter’s iPhone without Apple’s help.
The former director of the NSA and ex-chief of the CIA Michael Hayden took an interesting approach in admitting that “America is simply more secure with unbreakable, end to end encryption.”
Why Apple’s encryption case was different from Snowden’s
So, why did Apple’s privacy cause get more support from average, non-tech users than the Snowden revelations? It’s a matter of loyalty and commercial power.
We can all agree that Snowden (a former NSA contractor) is a really smart guy who definitely doesn’t lack heroic traits. When he realized the injustice of what the NSA was doing with people’s personal data and decided to let the world know, it was at the expense of his safety and freedom — he now lives in restrained conditions, in Moscow, under the protection of Putin, not exactly a pillar of democracy.
While Snowden’s story has all the makings of a Hollywood blockbuster, and an award-winning documentary on the story has been already made; people’s reactions to his world surveillance revelations have been, let’s say, anemic.
Freedom fighters along with civil rights NGOs managed to apply some pressure on the American government, changing a few laws such as the Act of Freedom, a bill that was meant to end the NSA program that mass collects phone records of Americans.
But in Apple’s case, the response has been far more powerful. Why? First of all, Apple is almost a religion, and not just in America, but all over the world, from Japan to Romania. It has millions of fans who follow it with cult-like dedication. So when Apple is attacked, people listen and are interested in all the technical details of encryption; nobody even thinks to say “I’ve got nothing to hide.”
Even though we’ve seen David trump Goliath several times during our history, to win the war on privacy you need an army — Apple proved to have exactly that.
Tens of years of brand mastery and customer loyalty strategies confirmed its worth, stopping the authorities from breaking all the iPhones.
Other tech giants such as AT&T, Airbnb, eBay, Kickstarter, LinkedIn, Reddit, Square, Twitter, Cisco, Snapchat, and WhatsApp, even its longtime rivals Amazon, Facebook, Google, and Microsoft, came to its defense.
What actually made Apple’s position stand out? Highlighting and explaining the government’s incorrect understanding of the legal and technical issues involved in the case. It’s inconceivable how unprepared and untrained the government’s specialists were for this trial.
The quote that ended Apple’s deposition is so heartbreakingly true:
“Almost 90 years ago, Justice Louis Brandeis, reflecting on the ‘progress of science’ beyond wiretapping famously warned that ‘[t]he greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding.’”
The danger that lurks here is that, in too many cases judges, lawyers and governmental representatives don’t understand the technical issues they are debating, yet they still have to decide for all of us what is right or wrong. I have to add here that the problem of surveillance versus encryption is a hard nut to crack, and all the confusion around it is understandable to some point.
The unlucky ones: Lavabit case
We might say the Apple was lucky to have a public trial. That was not in the cards for Ladar Levison, the founder of Lavabit.
Levison’s case was played out in secret under seal for several months. He essentially had to fight alone against the US government, under extreme pressure and arrest threats, without any support from major tech companies or privacy supporters. He was asked to hand over the encryption keys for his email service to allow the government to gain access to Snowden’s Lavabit account and read his emails.
What Levison did in that critical situation, with no help from well trained and highly payed lawyers, will always be a landmark for worldwide privacy supporters. And, yes, he did reach out during trial to one of Apple’s lawyers but didn’t have the kind of funds required to hire him.
In order to keep his promise to his customers, including Snowden, and preserve their online privacy, he closed down the company, without giving in to the FBI’s request.
Terrorism — the ever-perfect excuse
Terrorism is currently one of the greatest threats to global stability, and we are nowhere near a game plan for combating it.
But as a lot of political analysts agree, fighting terrorism at the cost of the entire planet’s privacy is simply wrong.
It’s almost the same logic as imprisoning everyone on the planet because somewhere among us, criminals exist.
That’s why I think it’s crucial that all companies, not only in the tech sector, should release a Transparency Report each year, showing their customers how many and what type of requests they received from authorities.
More surveillance strategies and tracking tools are definitely not what we need right now. We might just need a deeper understanding of the terrorism problem and more tech qualified people working in government.
Of course, we’re not debating who did more for privacy. Both Snowden and Apple played crucial roles in the fight for our online privacy. They will influence everything that happens now in the field of civil rights, surveillance, and encryption.
Thanks to the buzz generated by the battle between the FBI and Apple, many iPhone users learned a lot about encryption and how important it can be, and what their phones are capable of doing. It was a crash-course on encryption with very high stakes for the entire planet.
Setting a precedent for force-breaking encryption of a technology used by billions of people should be unsettling to us all.
One thing is certain: We need big tech companies to be guided by the Three Musketeers principle, one for all and all for one, for the safety and privacy of their users.
We all need to be part of this security-privacy discussion and speak up our minds when we notice abuses. Starting today.
Oana Ciobotea is social media manager at CyberGhost, a personal VPN service based in Romania.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.