You don’t have to be a tech junkie to have heard about the lawsuit between the FBI and Apple involving the iPhones of the San Bernardino shooters. And while that specific matter seems to be more or less resolved (at least for now), the discussion surrounding encryption is here to stay. In fact, amidst the FBI and Apple legal challenges, WhatsApp announced their plans to enable end-to-end encryption as part of their standard service.
So what does this all really mean? It’s probably best to start with a brief overview of what end-to-end encryption really means. When you use an application that utilizes end-to-end encryption, the information being sent (in the case of WhatsApp this would be text) is fully locked (or encrypted) from point to point. Let’s use WhatsApp as an example. When you send a message through this application, the message is totally inaccessible to anyone other than the sender and the recipient. This means that at no point in the message’s journey across cyberspace is the message unlocked or “readable” – not even to WhatsApp or anyone else who might have access to their server.
Compare this, for example, to a standard text message, which is fully unencrypted from point to point. That means that a standard text message, which is nothing more than plain text, is “readable” to anyone at any point in the transmission process. Other apps, like Facebook messenger, utilize a partially encrypted process whereby the message is encrypted when it is sent, but when it arrives at the Facebook it is decrypted and stored on the server, before it is re-encrypted and sent to the intended recipient. What this means is that when it comes to standard text messages (or even Facebook messages) the companies involved can most definitely see your messages, and perhaps more importantly, they can be legally compelled to hand them over as part of a government subpoena and they are vulnerable to cyber criminals should the host company find itself victim to hacking.
But what are the bigger implications? It’s clear that encryption provides superior privacy protection, but at what cost? Should individual privacy come at the possible expense of national security (as was suggested in the case of the San Bernardino shooters)? And looking ahead, can and should the FBI be working to overcome encryption technology so they can “hack” into even the most secure communications when needed? One thing is for sure, this conversation is only just beginning…