The feds have had it out for encryption for decades, but in the wake of the Paris attacks, the vilification of cryptography – the use of mathematical algorithms and other practices to protect web transactions and emails, “lock up” data at rest on a hard drive, protect the privacy of certain phone calls and more – has reached a dangerous new low.
Since the tragedy, lawmakers from the House of Representatives, top law enforcement officials and media figures have all articulated the idea that the Paris attackers used “encryption” to elude detection and capture. Like a lot of narratives that come from Congress, law enforcement and media, this story is way off the mark.
For example: We know that at least some of the attackers used standard (unencrypted) SMS messaging on their mobile phones. We know at least one used his own credit card to book a hotel around the time of the attack, which hardly speaks to a great degree of technological sophistication. And we know that several of the eight were known to US and French authorities before the attack. Some of them lived in the same neighborhood. The planner published an interview in ISIS magazine Dabiq in February – after leaving and before returning again to Europe – that included his picture and talked about evading Belgian and French authorities. It’s not as if the ISIS attackers were invisible save for very strong math.
Nonetheless, the rhetoric about the dangers of encryption continues unabated, with US law enforcement’s use of the Paris attacks to return to the familiar position of criticizing encryption technology as a threat to the public. The same arguments about dangers to public safety and…