Encryption won't stop surveillance, says Harvard study

A Harvard University study finds that notions of a new age of untraceable criminals is overblown. Why?

Patrick Semansky/AP/File
In this June 6, 2013 file photo, the sign outside the National Security Agency (NSA) campus in Fort Meade, Md. Barring. A new Harvard study finds that the future holds many more opportunities for surveillance, even if encryption for messages increases.

Encrypting communication will continue, but authorities will not be left in the dark, according to a new study.

A new Harvard University study, which included participants from academia, government agencies, and technical fields, found that warnings of an encryption-prompted surveillance crisis are overblown. The Berkman Center for Internet and Society study stated that while some forms of communication will remain resistant to surveillance, many others will offer an increase in data for security agencies. 

The finding comes in direct juxtaposition to a recent increase in pressure from federal authorities on tech companies, like Google and Apple, to install “backdoors” for government surveillance into devices. While tech companies have resisted the pressure, federal agencies have warned that without a backdoor, intelligence agencies will be “going dark,” or be unable to properly surveil suspect communication. 

“Are we really headed to a future in which our ability to effectively surveil criminals and bad actors is impossible? We think not,” the Berkman Center study says. So far, the discussion over encryption “is largely taking place without reference to the full picture.” 

This position on encryption stems from three overarching conclusions: encryption will likely not be widespread, new technology will offer a plethora of new surveillance opportunities, and most metadata will continue to be unencrypted.

End-to-end encryption, like the kind supported by Facebook, Apple, and Google, works by encrypting information and messages at the end points of communication applications, as a result only the recipient and the sender have the keys to read the information. Everyone else, including the service provider and intelligence agencies, would be unable to access the data.

While this could offer people private communication and thwart attempts of authorities to intercept messages, the chances of this technology being adopted ubiquitously are slim. As the study states, “the majority of businesses that provide communications services rely on access to user data for revenue streams.” 

Beyond this, the increase in “smart” products will deliver more options to agencies for surveillance. Televisions, refrigerators, toasters, and thermostats will increasingly be built to be connected with the Internet of Things and many are attached with cameras or microphones, according to the study.

The study suggests one way that investigators will likely capitalize on the advances is seeking “orders compelling Samsung, Google, Mattel, Nest or vendors of other networked devices to push an update or flip a digital switch to intercept the ambient communications of a target.”

The collected data from smart devices would be in addition to the majority of metadata that is unencrypted because devices and software need it to function. This metadata ranges from location data on cell phones to header information and more in e-mails.

“This information provides an enormous amount of surveillance data that was unavailable before these systems became widespread,” the study says. 

The study, entitled Don’t Panic: Making Progress on the “Going Dark” Debate, and its counter to proposals by FBI director James B. Comey and others notable political figures, like Democratic presidential candidate Hillary Clinton, to hinder encryption carries more weight than most as a result of its variety of participants. One of the main authors of the report is Matthew G. Olsen, who was a former director of the National Counterterrorism Center under President Obama.

“Encryption is a real problem, and the FBI and intelligence agencies are right to raise it,” Mr. Olsen told The New York Times on Sunday. Olsen also said that the testimonies of intelligence agency officials about the threat of encryption lacked mention of the many new options that are currently or will soon be available for surveillance as a result of encryption and increasing technological advances.

The lack of mention to those new alternatives raises concerns that the national discussion around encryption is missing parts of the larger picture.

"From the national security perspective, we must consider whether providing access to encrypted communications to help prevent terrorism and investigate crime would also increase our vulnerability to cyber espionage and other threats," the study concludes. "From a civil liberties perspective, we must consider whether preventing the government from gaining access to communications under circumstances that meet Fourth Amendment and statutory standards strike the right balance between privacy and security."

You've read  of  free articles. Subscribe to continue.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.