CSIS 320-B01
Should the Federal Government have Backdoor Access to Encrypted Data
Research Paper 2
CSIS 320-B01
Introduction
Advancements in technology laid the foundation of innovative platforms that connect
humans across the globe. The goal of these services is to enhance human interactions, business
communications and increase awareness of world events that connect people to cause. For
example, the footage that captured the altercation between George Floyd and the police officers
involved sparked a global protest against police brutality and the systematic oppression of
marginalized groups. Facebook is one of several tech companies in an ongoing struggle with the
U.S. Government, requiring tech companies to provide law enforcement agencies backdoor
access to encrypted devices and communications. Tech giants like Google, Apple, Microsoft,
Twitter, and Amazon have access to massive amounts of consumer data. They have policies to
protect encrypted data from threats that seek to infiltrate and extort that data for personal gain.
Politicians and law enforcement agencies continue to lobby and introduce legislation that would
force companies to design their systems in such a way that would allow agencies to access data
solely for investigations without the consumer's consent. Exceptional access to consumer data by
law enforcement agencies would have a massive impact on how information is shared. The
potential threats to consumer data would increase exponentially if companies were to ease
restrictions. The purpose of this research is to explore if it is right to allow the Federal
Government to gain backdoor access to encrypted communication devices and services. Also,
the potential threat this poses to those businesses.
, End-to-End Encryption
End-to-End encryption is a type of communication that allows users to read each other
messages without the potential threat of eavesdroppers reading the conversation. According to
an article published by the New York Times, "end-to-end encryption scrambles messages in such
a way that they can only be deciphered by the sender and the recipient" (Perlroth, 2019). The
most popular end-to-end encryption method is when a program or device creates two
mathematical keys, a public key and a private key (Perlroth, 2019). Public keys are shared with
anyone who wants to encrypt a message. Then, a private key is generated that decrypts the
message, but this key is stored in the program or device. "Think of a locked mailbox where
anyone with a public key can put something in, but only the user with the private key can unlock
the box" (Perlroth, 2019). It is nearly impossible to decipher the data being stored. Thus,
companies that use this level of encryption are unable to hand over data to law enforcement
agencies. However, using a backdoor method to gain access bypasses the standard
authentication method of encryption in a computer system or device. Companies have to be
willing to allow backdoor access, enabling outside agencies to unlock the data stored.
Through the building of backdoor access, the potential threat posed can expose users
to cyber attacks by external entities. When these critical software vulnerabilities happen, the
privacy of consumer data is severely compromised. These attacks have increased each year
exponentially. Purplesec, a cybersecurity company based outside of Washington, D.C.,
employs experienced professionals who have worked for the United States Cyber Command and
DoD Special Operations. They publish statistics on the percentage of attacks that occur each
year, with a breakdown of the type of attacks used and the most targeted industries. The
statistics have shown that under the section Social Engineering, which involves manipulating
confidential information (PurpleSec, 2021), 98% of cyber attacks rely on social engineering.
From the first quarter of 2018, these attempts to access information have spiked more than
Should the Federal Government have Backdoor Access to Encrypted Data
Research Paper 2
CSIS 320-B01
Introduction
Advancements in technology laid the foundation of innovative platforms that connect
humans across the globe. The goal of these services is to enhance human interactions, business
communications and increase awareness of world events that connect people to cause. For
example, the footage that captured the altercation between George Floyd and the police officers
involved sparked a global protest against police brutality and the systematic oppression of
marginalized groups. Facebook is one of several tech companies in an ongoing struggle with the
U.S. Government, requiring tech companies to provide law enforcement agencies backdoor
access to encrypted devices and communications. Tech giants like Google, Apple, Microsoft,
Twitter, and Amazon have access to massive amounts of consumer data. They have policies to
protect encrypted data from threats that seek to infiltrate and extort that data for personal gain.
Politicians and law enforcement agencies continue to lobby and introduce legislation that would
force companies to design their systems in such a way that would allow agencies to access data
solely for investigations without the consumer's consent. Exceptional access to consumer data by
law enforcement agencies would have a massive impact on how information is shared. The
potential threats to consumer data would increase exponentially if companies were to ease
restrictions. The purpose of this research is to explore if it is right to allow the Federal
Government to gain backdoor access to encrypted communication devices and services. Also,
the potential threat this poses to those businesses.
, End-to-End Encryption
End-to-End encryption is a type of communication that allows users to read each other
messages without the potential threat of eavesdroppers reading the conversation. According to
an article published by the New York Times, "end-to-end encryption scrambles messages in such
a way that they can only be deciphered by the sender and the recipient" (Perlroth, 2019). The
most popular end-to-end encryption method is when a program or device creates two
mathematical keys, a public key and a private key (Perlroth, 2019). Public keys are shared with
anyone who wants to encrypt a message. Then, a private key is generated that decrypts the
message, but this key is stored in the program or device. "Think of a locked mailbox where
anyone with a public key can put something in, but only the user with the private key can unlock
the box" (Perlroth, 2019). It is nearly impossible to decipher the data being stored. Thus,
companies that use this level of encryption are unable to hand over data to law enforcement
agencies. However, using a backdoor method to gain access bypasses the standard
authentication method of encryption in a computer system or device. Companies have to be
willing to allow backdoor access, enabling outside agencies to unlock the data stored.
Through the building of backdoor access, the potential threat posed can expose users
to cyber attacks by external entities. When these critical software vulnerabilities happen, the
privacy of consumer data is severely compromised. These attacks have increased each year
exponentially. Purplesec, a cybersecurity company based outside of Washington, D.C.,
employs experienced professionals who have worked for the United States Cyber Command and
DoD Special Operations. They publish statistics on the percentage of attacks that occur each
year, with a breakdown of the type of attacks used and the most targeted industries. The
statistics have shown that under the section Social Engineering, which involves manipulating
confidential information (PurpleSec, 2021), 98% of cyber attacks rely on social engineering.
From the first quarter of 2018, these attempts to access information have spiked more than
