In this Q&A, Dr. Ann Cavoukian discusses why data privacy and strong data protection are critically important. Dr. Cavoukian argues that if we are to preserve free and open societies, we must preserve the privacy and security of our online communications.
When I served as Privacy Commissioner of Ontario, Canada, for three terms, I brought with me a very different perspective, since I was not a lawyer but a psychologist (who had studied privacy and law during my graduate work). I wanted to focus on data governance and architecture, since the world was evolving into one where data ruled! So, I wanted to create a model of data protection where we could ideally prevent privacy harms from arising—much like a medical model of prevention. But this needed to be embedded directly into the design and architecture of IT systems and business practices—so I created Privacy by Design. The 7 Foundational Principles of Privacy by Design all relate to proactively embedding privacy directly into the data architecture and design, such that they cannot be avoided or overlooked.
Privacy forms the foundation of our freedom—you cannot have free and open societies without a solid foundation of privacy! And privacy is all about control—personal control over the use and disclosure of one’s personal information. Someone else may have custody and control over your personal information (governments or the private sector), but it doesn’t belong to them, it belongs to you, the data subject, to whom the information relates. But increasingly, a growing number of people are questioning whether public and private entities can be trusted to protect your data and preserve your privacy, ensuring that you remain in control of your personal information.
Thus, in the online world that presently rules our lives, protection of our data, which is vital to having any semblance of privacy, often falls upon individuals and the organizations they are dealing with. Encryption of that data is one of the essential ingredients to preserving our privacy online. Encrypting or coding of one’s data renders the data essentially inaccessible to anyone who does not possess the key to decode it. Strong end-to-end encryption is the ultimate protection of one’s data since it is protected from the source to the intended recipient, with virtually no possible interception along the way.
But companies are increasingly using encryption algorithms with a “backdoor”, so that total access to our personal and proprietary information is possible. In effect, this would expand surveillance beyond anything imaginable today and must be resisted at all costs.
To be clear—surveillance and the threat of aggression are in fact two sides of the same coin that may be used as a means of control.
In many cases, the threat of aggression alone may lead to self-censorship and has been demonstrated to be a highly effective method of control. Crypto backdoors—allowing access to encrypted information without having the correct credentials—will only exacerbate this trend of loss of control. Not only are backdoors to encryption algorithms foolish from a technical perspective, but they will also lead to the demise of our privacy, and, ultimately, our freedom, innovation, and prosperity. In the 21st century, some powerful entities increasingly control people using data. But good data is the lifeblood of our economy and prosperity. Strong encryption denies unauthorized access, while still allowing individuals and organizations to function in an information age.
Indeed, abandoning “zero-sum” either/or, win/lose models is an essential feature of Privacy by Design! We must have both privacy AND data utility, which is possible with positive-sum models that are built to enable you to have privacy and security; privacy and data utility; privacy and “fill in the blank!”
This is not a new occurrence. Dating back to the late 90’s, the noteworthy case—the “Clipper Chip”—was intended to secure online exchanges; but it came with a “backdoor” that was intended to allow law enforcement to decode online transmissions, regardless of their encrypted status. I was serving in my role as Privacy Commissioner at the time, and I recall how the Clipper Chip was debated at great length, globally, for well over a year, as to its merits or lack thereof. The overwhelming conclusion reached was that crypto backdoors should NOT be allowed, full stop! The idea of creating backdoors was categorically rejected as an unacceptable reach into protected communications that were encrypted, end-to-end.
Unfortunately, the attempt to embed crypto backdoors into our online communications did not end with the Clipper Chip. This has continued steadily over the years. In 2015, 15 of the world’s leading cryptographers and data scientists authored a paper entitled, “Keys Under Doormats,” to reach the public at large. Just as you may place a key to the front door under the doormat, to enable a child to enter one’s home if they had lost their key, it could allow burglars to easily gain entry into the home! This is precisely what a backdoor would do—enable the “bad guys” to gain access to one’s online communications.
Crypto backdoors are being increasingly used, under the guise of traceability and law enforcement. Introducing the requirement of traceability could break end-to-end encryption, as would the creation of crypto backdoors. In the words of the Electronic Frontier Foundation, “The global creep of invasive surveillance once again signifies the mounting erosion of our privacy, with the goal of breaking end-to-end encryption” via crypto backdoors.
Privacy forms the foundation of our freedom! If we wish to preserve free and open societies, we must preserve the privacy and security of our online communications. Strong end-to-end encryption does just that, allowing us to freely communicate with whoever we wish, without concern that our communications will be accessed by unauthorized third parties, unknown. We must insist upon strong encryption and strong protection of our personal data and privacy—our freedom may depend upon this!
Note: The views expressed herein are those of the author and do not necessarily reflect the views of the United Nations.