As a security consultancy firm, our job is to provide guidance on security best practices to facilitate the protection of privacy and data for all the clients we serve. We believe strong encryption should be a global effort for national security, personal security and privacy, and free expression. In particular, the use of end-to-end encryption is currently what keeps our information assets secure across the web. For those who are not familiar with end-to-end encryption and why it is important in all aspects of security, here’s a great video resource https://www.youtube.com/watch?v=ADg7x2Buw0s
To extend our effort in advocating strong encryption adoption, we would like to vocalize our membership in the Global Encryption Coalition community. As stated by Global Encryption Coalition, “several governments and law enforcement agencies are trying to ban or weaken encryption for everyone”. The premise is that “They (the governments) want to require companies using encryption to create backdoors to catch criminals or wrongdoers”. We believe in a global movement to strengthen and preserve the use of strong encryption. As part of a global coalition, the movement calls on governments and the private sector to reject efforts to undermine encryption and to pursue policies with the adoption of strong encryption.
While members of the Global Encryption Coalition recognize crime prevention as a universal priority, undermining encryption efforts would also mean greater threats in the global economy and at the expense of users’ security privacy.
As Edward Snowden once said, “If you weaken encryption, people will die. This year alone, after the fall of the government of Afghanistan, we saw how crucial encryption is in keeping ordinary people safe. … Encryption makes us all safer. From families protecting photographs of their kids, to personal healthcare information, encryption keeps our private information private”.
The current trend of technical measures proposed to “break” end-to-end encryption all have one thing in common: each of them involves creating a form of “backdoor access” to “moderate” the data sent. The opportunities for misuse of such “backdoors” can be disastrous.
What this means for Canadians
The ruling by the Supreme Court of Canada stated that speech, including controversial or repugnant speech, has social value and should be protected from unjustified state monitoring. We did see attempts, despite criticism, from the government to enact “online harm laws” to restrict yet-to-be-defined “hurtful” online content, with the targeted categories in terrorist content, content that incites violence, hate speech, intimate images shared non-consensually, and child sexual exploitation content. What Canadians need to know is that such law will require internet giants and platforms utilizing end-to-end encryption to inspect all online content traversing. This also means communication between anyone, including privileged communications between physicians and their clients, will need to be examined by “breaking” encryption and thus undermining personal security and privacy. Canadians and businesses need to be aware of how ongoing privacy and security laws relate to the security of their personal data and any client data housed.
While cyber security is a broad discipline and requires collaboration between all stakeholders, we would like to highlight the importance of strong encryption usage in all sectors of business and the user data housed. We recommend reading this article published by the Global Encryption Coalition, where it highlights the security impact of “breaking” end-to-end encryption. You can find the article at this link – https://www.globalencryption.org/2020/11/breaking-encryption-myths/