Jeff Sessions (Getty)

Alabama Senator Jeff Sessions, who is currently waiting approval for the US Attorney General job, has his fair share of backwards ideas. But another one of his ideas—that law enforcement should be able to “overcome” encryption—is just plain reckless and potentially destructive.

Encryption backdoors would give law enforcement a way to bypass the algorithm that protects our data and sensitive information on smartphones and computers, and the issue has been litigated for decades. Virtually every computer security expert agrees that giving law enforcement an encryption backdoor in any capacity makes our data less secure and more vulnerable to malicious actors trying to steal data. Encrypting your text messages and phone calls can also protect you from sophisticated, widespread and sometimes warrantless government surveillance programs. If you use iMessage or have ever connected to a webpage with HTTPS, you’re using encryption.

Advertisement

The Electronic Frontier Foundation dug up Session’s written answers to questions sent by Senator Patrick Leahy. The responses are nauseating (emphasis ours):

Question: Do you agree with NSA Director Rogers, Secretary of Defense Carter, and other national security experts that strong encryption helps protect this country from cyberattack and is beneficial to the American people’s’ digital security?

Response: Encryption serves many valuable and important purposes. It is also critical, however, that national security and criminal investigators be able to overcome encryption, under lawful authority, when necessary to the furtherance of national-security and criminal investigations.

Session’s sentiment that law enforcement should only overcome encryption by lawful authority sure is nice. But it shows a stunning lack of knowledge on an issue that has been debated for years and years. Computer security experts are in consensus here: there is no mathematically possible way to offer an encryption backdoor to law enforcement without weakening that encryption for everybody else. There is simply no way around it.

Advertisement

Advertisement

Trump has droned on about improving America’s cybersecurity, and yet his pick for attorney general is someone who may not be able to grasp the subtle nuances behind making cybersecurity work for everybody. Remember, Trump’s impulsive response to the FBI versus Apple legal quandary last year was that everybody should boycott Apple. The FBI eventually dropped its case.

Encryption protects us in the digital age, so its important that we safeguard it from ill-informed and most likely bad intentioned attempts from people like Jeff Sessions to weaken it.

[EFF]