The crypto wars: How much privacy should we give up for security?

Sauvik Das
10 min readFeb 26, 2021

In 2015, there was a mass shooting in San Bernardino, California, claiming the lives of 16 (including the two perpetrators) and injuring 24 others. The incident was a terrorist attack, and a tragedy. It also surfaced a longstanding debate on the role of security and privacy-enhancing technologies in society: the “going dark problem” — also referred to as “the lawful access challenge” or the “crypto wars”.

The “going dark problem” is what the FBI calls the widespread — and apocalyptic — use of encryption technologies. If impregnable encryption becomes the norm, the argument goes, then the FBI and other intelligence agencies will be unable to do their jobs at uncovering and mitigating national security risks. Bad actors — terrorists, spies — will be able to plan and communicate in secret and the country will descend into chaos.

When the FBI seized the Sen Bernardino perpetrators’ phones, they wanted access — terrorists do not act in isolation, and information on the phone could have provided law enforcement with information on other potential security risks. But, the phones were encrypted and locked, with the only people knowing the PIN to unlock the phone dead. The FBI wanted Apple to circumvent their own security protections to unlock the phones; the FBI wanted privileged access to the encrypted phones and…

--

--

Sauvik Das

Assistant Professor of Human-Computer Interaction at Carnegie Mellon University. Formerly at Georgia Tech. Ph.D. from CMU HCII. HCI, Security, Data Science.