Senator Calls For Everyone To Rally Around Encryption Like They Did Against SOPA

Image courtesy of Consumerist | Sen. Ron Wyden speaking in March, 2016

While the debate about encryption (brought to the foreground by the recent fight between Apple and the FBI) continues to rage on, at least one U.S. senator has clearly had enough, and is ready to draw a line in the sand.

Speaking at the RightsCon conference in San Francisco on Wednesday, Sen. Ron Wyden (OR) called on those in attendance — mostly members of the tech community, and advocates for consumer, civil, and human rights — to support his efforts in Washington to protect encryption, security, and privacy for all Americans.

In his remarks, Wyden explained that he was motivated, in part, by the string of data breaches involving retailers and government agencies that now seem to occur on a regular basis.

“We had a series of high-profile hacks at the same time — Target, Anthem, OPM,” said the senator, “and understandably, consumers said, ‘We want better security for our devices,’ and companies began to respond.”

Encryption, Wyden argued, is a vital part of that protection. It’s part of every card transaction, it’s what protects kids’ data: “Really our whole life might be on a smartphone — our health records, our personal communications — and it protects our national security secrets from falling into the hands of countries that do not wish us well.”

But of course, it’s not that straightforward. Improved encryption protects the data of both the law-abiding and the law-violating.

Law enforcement and tech — most prominently in the form of Apple and the FBI — have been at loggerheads about whether, when, and how to limit or work around encryption.

In the course of that ongoing discussion, it “seems like it would be a pretty good idea for agencies to hire some of the people in this room,” cracked Wyden. “But what I am not going to support — I am not going to support an effort to weaken strong encryption.”

At issue, Wyden later said, is — well, basically everything.

At this point in history, the existence, scope, and affordability of complex technology is so pervasive that there is no other era like it.

“There are very, very few places we can expect real privacy [anymore], not even our most personal spaces,” said the senator. “Even our very thoughts often end up recorded on the technology we carry.”

Wyden focused heavily on governments’ new abilities to listen in and follow their citizens, but the same applies to an extraordinary array of private companies as well.

“For centuries,” he explained, “individual liberty was protected by technological limitations. Gathering real-time personal information about a country’s entire population was impossible. It would have required more resources than any government could muster.”

He then alluded to 1984, the famous novel by George Orwell, and said that the technology at play now has outpaced even that popular literary touchstone, which warns of government’s invasions into citizens’ private lives.

“Your television screen can indeed watch you,” he said, “along with more and more gadgets that we wear, carry or live with every day.” The files that can be compiled on basically anyone with connected gadgets are more enormous and detailed than they have ever been.

The New Compact

To that end, Wyden introduced a policy platform he calls “The New Compact for Security and Liberty in the Digital Age,” something of a mouthful. The new compact is built around five core principles.

First, and perhaps most controversially, Wyden says we should end government campaigns against strong encryption.

“Encryption is one of the best defenses an individual has to protect himself or herself in the digital world,” he argued, adding:

“Without encryption, the technologies we live with would enable thieves to take not only our wallets and purses, but our entire life savings in the blink of an eye.

“Without encryption, connected technologies could be perverted to plan home invasions, abductions, and worse. Baby monitors and wi-fi enabled dolls have already been hacked. Cars have been hacked. Personal photos of the rich and famous have been hacked. Health records and credit cards and millions of sensitive government documents have been hacked.

“Without encryption, the most personal affairs of every individual, whom they spend time with, where they go, and what they think could be laid bare despite their best efforts to keep that information private. Even with encryption, poor implementation and carelessness can leave an individual exposed, but encryption gives individuals a fighting chance at maintaining digital security in the modern world.”

Secondly, Wyden said lawmakers need to strengthen the protections on data that individuals share, often unwittingly, with private business.

“I propose to you today … that individuals do not lose their privacy rights just because they share some of their personal information with a particular company,” Wyden announced.

It’s not really possible to live in 2016 without sharing some data with private companies, and in many cases we make those choices voluntarily: we use apps and social networks and services and wearable tech, and we get something beneficial out of that exchange.

But that data, once transmitted, can then legally go to any other third party without Fourth Amendment rights attached. In other words: data, once given to Company A, can be legally no longer considered yours alone to give, but Company A’s to do with as they like (within the bounds of the law).

“There is a huge, glaring problem with that logic,” Wyden said. “When you share your information with a single private company, that is not the same thing as making it public.”

“Your phone company may have records of who you call, and your bank may have records of how you spend your money,” he continued, “but your contract with them will have rules for when and how they are allowed to share that information.”

And that, Wyden said, should hold true for the digital world as well.

“When I post a new profile picture on Facebook, or send out a Tweet… I’ve chosen to make that information public,” the senator explained. “But when I send an email to my wife … my service provider and I have an agreement that my information will stay private. [But] the premise in current law is that I have agreed to make that information public just because my service provider is holding it.”

“And that premise,” Wyden concluded, “is simply absurd.”

Wyden then ran through his third, fourth, and fifth key platform proposals, saying that: Congress needs to hold more open hearings to deal with surveillance laws publicly; that “defenders of digital rights” need to be on their guard against subtle changes to extant law; and finally, that it is important for everyone to realize that law enforcement does have a valid job to do, and needs to come up with a way to do it.

But really what his effort needs, Wyden exhorted the room, is work from advocates to drive the point home in public.

In one day in Jan. 2012, Wyden reminded the room, basically the entire Internet went into protest mode against the controversial anti-piracy bills SOPA and PIPA, drumming up a tremendous tide of opposition to the proposed legislation.

“In a few days before that vote,” Wyden said, “More than 10 million Americans weighed in. Calls and letters and emails… You might remember the Internet going dark. And about 36 hours after this began I got a call,” and was told that the scheduled vote to move the bills forward was cancelled.

“So when the dust settles, everybody now knows that it can be done!” he explained. “Those who believe in a free and open Internet, those who want an encryption policy that assures we have more security rather than less security, I want to ask you as the community did when it came together back in 2012: I want to ask you to join me in working together once again to make sure a free and open internet, and policies that ensure security and liberty are the law of the land.”

“We did it once,” he concluded to applause, “let’s do it again!”

Wyden’s platform — particularly doubling down on encryption and creating more data protections — would indeed improve consumer protections in the U.S. However, realistically, even with public opinion rallied strongly around him, it seems unlikely that most — or perhaps even any — of these principles would see significant action in the near term.

That’s because 2016 is a major election year, with all of the House and a third of the Senate (including Wyden) up for re-election in November.

Congress has about seven months to act between then and now and frankly, a lot of that time is going to be spent campaigning —  on the trail, on the chamber floors, and, of course, while speaking at conferences.