Attorney General William Barr Wants to Break Encryption

Reading Time: 4 minutes.
William Barr

Ol’ Billy Barr. Okay, no one calls him that, but he’s really missing out on the alliteration.

William Barr is best known for lying about the contents of the Mueller Report. He falsely claimed that the report exonerated Donald Trump, a statement the report’s author, Robert Mueller, directly refutes. In fact, legal experts say it does just the opposite. The Mueller report makes a case for Donald Trump’s impeachment, as sitting presidents cannot be indicted for crimes. If they could be, the evidence and language in the report says Trump would be indicted at the very least, for obstruction of justice.

When a person is willing to lie for personal or professional gain, it says more about them than it does about their subject matter. William Barr is, by the most basic definition, not a man of integrity. He knowingly lied to the American people to benefit a man he considers his boss. Keeping that in mind, his latest announcement should also give you great cause for concern. The Attorney General of the United States wants to break the encryption that keeps you safe.

Why We Need Strong Encryption With No Backdoors

We’ve been over this so many times, I’ve lost track. That’s why I’ve created a new tag, “Encryption Battle,” to help you find all the articles related to tech’s battle with authoritarian lawmakers to protect consumer security, privacy, and safety.

To keep you from needing to read all of those articles, I’ll summarize below. I’ll also let John Oliver chime in. And if an 18 minute video sounds too long for you, use this handy link to skip to the end.

Encryption is what keeps you safe.

It’s what keeps hackers out of your bank account. It keeps phone thieves out of your phones. Encryption protects your private photos, your private conversations, and more. Without it, phone theft would be exponentially worse than it is now. Nothing online would ever be secure. No bank would be able to hold your money. Without encryption, nothing electronic is safe.

Some far-right politicians want backdoor access to your electronics.

This means the government or local police would be able to crack any device. A backdoor would  mean any encryption could be decrypted with two keys, instead of one. It would make encryption far weaker and create a new potential source of a leaked encryption key.

Oh, and while this is mostly a right-wing ideal, not all conservatives are on board. Even Republican yes-man Lindsey Graham switched sides when presented with the facts. If he could do it, anyone can.

Any backdoor will leak.

Period. It has happened time and time again. Microsoft’s “golden key” for signing Windows leaked. Cellebrite’s “government and police only” hacking tools are available on eBay. A lone hacker fooling around almost leaked a government contractor’s most important tools. Every backdoor, every secret key, every hacking tool, will eventually end up in the wrong person’s hands. That’s a fact.

Governments cannot be trusted with this.

Don’t just think of your government, patriot. Think of those nasty, dangerous other governments. Joking aside, let’s look to Russia or Saudi Arabia. In Russia, especially Chechnya, LGBTQ people need encryption to protect their communications so they don’t get rounded up and murdered. In Saudi Arabia, women’s rights activists and women trying to flee the oppressive regime need encryption to do so. If one back door is built, Apple will have to provide them to these companies, or it’ll leak to them, or they’ll buy it from an ally. Vile governments will have the capability to harass and murder dissidents.

Police cannot be trusted with this.

The training for becoming a police officer isn’t easy, but it’s not all inclusive. They don’t know every law. They’re not judicial. That’s why we have separation of powers, so police officers don’t need to be judge and jury. They should need warrants. Know what happens when they can access phones? They stalk women. They steal sensitive photos and get away with it. To give them tools that can unlock phones without tracking what they’re doing is opening a door for abuse.

People’s lives are at stake.

Listen, this is all you should take away from this. There are far more good people in the world than bad people. Every good person will have their life savings, their credit cards, their security, and their safety compromised without strong encryption. Traditional policing has always been enough to catch bad guys. Do you know what happened before iPhones? Encoded messages were destroyed, burned upon receipt. We still caught the bad guys.

William Barr’s Stance

Proving himself to be misinformed in tech, as well as the law, Barr pushed for weak encryption at the International Conference on Cyber Security in New York. He stated that, “Obviously, the [Justice] Department would like to engage with the private sector in exploring solutions that will provide lawful access. While we remain open to a cooperative approach, the time to achieve that may be limited.” That last part sounds like he’s threatening a lawsuit against Apple, Microsoft, Google, and others, to force them to comply. This would likely be unconstitutional, as, since software is considered speech, it would be coerced speech. The first amendment protects us from that.

The attorney general of the United States should know that.

“As with drug cartels, we are seeing terrorist organizations moving their communications to encrypted platforms designed to block lawful access. Even smaller terrorist groups and ‘lone wolf’ actors have turned increasingly to encryption.”

– William Barr

This, again, misses the point. Let’s say they force Apple to use weak encryption. That just means they can (quite easily) make their own encrypted communications app. It’s not only easy, they could also make something like an Android app that’s only available to their little criminal group. Encrypt communications through that, and the government wouldn’t be able to get in. That app would be one of thousands commercially available, and tens if not hundreds of thousands of other encryption apps. It simply isn’t possible to target criminal organizations with blanket backdoors. Targeted efforts are the only effective ones.

This can be done by intercepting messages, breaking weak encryption, faking responses with false credentials, causing someone to expose their key, looking at the backups that Apple and Google provide to police, and many other methods. Lawmakers frequently point to terrorist groups as cause for their demands, but the fact is, the NSA doesn’t want this. They know it’ll expose regular people, their operatives, governments, and more. The NSA has other, far more targeted and far more effective methods, and the FBI could use these as well.

What local police and the FBI actually need are stronger cybersecurity units. They’re not going to get that by pissing off every software engineer with frivolous and unconstitutional lawsuits and by ignoring our expertise.

Where Do We Go Now?

As a software engineer, someone who has written her own encryption apps, I know a thing or two about security. I am a professional and senior-level software engineer. I am, what most people would call, an expert. The Trump administration and right wing parties all over the world are not interested in experts. They ignore climate experts and even national security who tell them that climate change is the greatest danger to humanity. Of course they ignore computer scientists when we tell them that we can’t weaken encryption without undermining all electronic security.

Instead, my message is now to voters. Elected officials won’t listen to experts. Elect people who will.


Sources: