Poking Holes in End-to-End Encryption Would Create Dangerous Consequences for Consumers, Innovation and Data Security

Action in the face of uncertainty should be sober and reflective.  

As law enforcement agencies and some in Congress call for special access to electronic devices, communications and other data, they would be wise to remember that end-to-end encryption plays an integral role in innovation, economic growth, and crime prevention. Developers know that any software vulnerability – even if only intended for use by trusted government entities – weakens security and will allow bad actors, like hackers, to access sensitive and private information.

To begin, the widespread deployment of end-to-end encryption is the result of market demands. Today’s consumers rightly demand the communications and data they send over the Internet and store online remain private. Indeed, the American ideal of privacy from government is enshrined in our Constitution. This ubiquitous technology is part of nearly every major operating system including Apple and Google; mobile apps like Line and Surespot; and mobile devices like the Blackphone. End-to-end encryption helps secure personal and commercial data, prevents criminal activity, and protects Americans from egregious government surveillance.

Mandates requiring developers to provide the government special access to hardware and software would greatly erode the public’s trust in the life-changing potential of the Internet and software, and could kill the next wave of ideas in the cradle. While no company seeks to willingly weaken its system’s security, small businesses would be especially burdened by the task, stifling their growth. A marketplace in which only large and incumbent interests can meet government mandates harms innovation and consumer choice.

End-to-end encryption is also keeping us safe. Just this year, we saw white hat hackers breach a vehicle’s software and render its operator useless by controlling its steering, acceleration and deceleration. Absent end-to-encryption, cutting edge vehicle technologies will be vulnerable to bad actors and create dire consequences for drivers. Beyond vehicle hacks, weakened security also exposes consumers to a heightened risk of identity theft, fraud, extortion or worse, and exposes businesses to trade secret theft and other forms of corporate espionage.

American businesses depend on end-to-end encryption for opportunities to grow abroad.  This technology helps promote the adoption of American technologies around the world, and is an avenue for companies to comply with internationally recognized privacy standards. This is an important step for U.S. companies given that approximately 95 percent of the world’s consumers live abroad. Worse, without end-to-end encryption some international markets, under the guise of “security,” may erect hazardous trade barriers to keep American companies out, thereby shrinking the marketplace. Additionally, mandating special access for the U.S. government will set a precedent to be emulated by hostile governments abroad.

Most importantly, there is no evidence that end-to-end encryption has thwarted a law enforcement or terrorist investigation. Given the important role end-to-end encryption plays in protecting consumer and commercial information, it cannot be sacrificed to mitigate an unproven and uncertain risk.

The White House, States’ Attorneys General, Federal Trade Commission, and even the FBI at times, are just some of the major voices that have advocated for robust end-to-end encryption to protect sensitive and personal data. End-to-end encryption is good for the American people and should be supported by law enforcement authorities worldwide. Any challenges to this ideal should not be preemptive knee-jerk reactions, but rather, result from a developed discussion supported by concrete evidence. Lawmakers should be reflective, not reflexive, in their assessment of end-to-end encryption. 

Visit the Alliance's Data Security & Privacy page to learn more.