Are you a little foggy on the government needs vs private sector (and, implicitly, the mathematical restrictions thereof) encryption debate? So is the government, apparently – it’s not one big topic, but several topics. Matt Tait on Lawfare elucidates:
For example, “device encryption,” used to prevent access to a device without the user’s PIN code, does not operate in a similar way to end-to-end communications encryption applications which prevent active wiretapping of communications. Neither is similar to the specialist anonymizing software used by criminals to access hidden child pornography and drugs markets on the web. And HTTPS, the encryption used to keep communications with ordinary websites secure, is fundamentally different again.
To be sure, each of these use “encryption,” at some superficial level, and all cause different headaches for law enforcement. Yet each category poses very different challenges to investigations, provides dissimilar security benefits to users, and has surprisingly unrelated options, alternatives and trade-offs for any proposed path forward for law enforcement or technology companies to adapt to their respective challenges.
It’s a good, high level primer on how the government’s lack of technical knowledge results in ineffective legislation.