Email Encryption and Human Rights
Earlier in February this year, a criminal group in Europe was arrested for several murders, torture, drug trafficking and other crimes. Among the evidence, the police gathered 44 mobile phones, all equipped with Sky ECC, a Canadian encrypted messaging app.
The police did manage to access the app and searching the phones found several incriminating photos, including one of two decapitated men.
This, naturally, once again opened the debate whether encryption is a useful tool that all private individuals can use to protect their online privacy or does it only serve the criminal milieu and make the job of law enforcement unnecessarily difficult.
Criminalizing Encryption Tools
Cases like this are not rare in today's digital age and they often serve the opponents of encryption to criminalize it and make the use of encrypted devices illegal.
For example, the Interior Minister of the country where the above group was arrested said:
"It is indisputable that it is used by criminals. I am in favor of it being a crime, as I believe that the purchase of any telephone number, regardless of whether it is prepaid or postpaid, must be done with an ID card."
Unfortunately, this narrative that encryption is only used by criminals is often repeated by governments and big technology companies.
Sky ECC, for instance, suffered the fate of many other encrypted tools that had the misfortune of being used by criminals. The service was shut down and their domain seized by the FBI.
The idea that if you are using encryption, you are automatically committing or covering a crime is completely wrong itself.
Human Rights Defenders on Encryption
We know what most governments have to say about encryption tools.
But where do the human rights defenders stand on this issue?
In 2016, Apple challenged the Federal Bureau of Investigation's (FBI) order to provide encryption backdoors to their phone at court.
In a briefing titled Encryption: A Matter of Human Rights, Amnesty International stated:
"Amnesty International believes that, because of the critical role played by encryption in the enjoyment of these rights, restrictions on access to and use of encryption may constitute an interference with the enjoyment of human rights. As such, in order to avoid violating their human rights obligations, states must ensure that any restrictions on encryption are contained in laws that are precise and transparent, are used only when necessary to achieve a legitimate aim and do not discriminate against specific individuals or groups."
Human Rights Watch, also takes a pro-encryption stance, saying that:
"Strong encryption is critical to protecting human rights and cybersecurity in the digital age."
Encryption and the Right to Privacy
The United Nation's Universal Declaration of Human Rights (UDHR), says in the Article 12:
"No one shall be subjected to arbitrary interference with his privacy, family, home, or correspondence, nor to attacks upon his honor and reputation. Everyone has the right to the protection of the law against such interference or attacks."
Of course, when the declaration was first adopted, on 10th December, 1948, encryption wasn't used by civilians in everyday life and certainly wasn't at the level it is today.
Today, however, we have to consider electronic communications and that encryption is more readily available and used by private individuals and not just law enforcement or the military.
The problem here is that the UDHR, like most other laws that are supposed to protect and preserve privacy and free speech, is not equipped enough to deal with email and other electronic communications.
For example, when it comes to email encryption, we need to remember that an email message may cross borders several times before reaching the intended recipient. This means it can be intercepted and read at any point in-between at each server, without the sender or the recipient being aware of this.
This is why regular email services like Gmail are not suitable to protect your private data. They are simply not fully encrypted, or end-to-end encrypted. Services like these only encrypt your email communication in transit, but not at rest or on the servers.
Is There a Need for Stricter Encryption Policies?
There's no denying that criminals are using encryption tools with increasing frequency, but that is no reason to ban them.
What they simply did was adopt the technology before honest citizens who have a legitimate human right to protect their online security and private data from unlawful surveillance.
We've already seen that international organizations and human rights activists support encryption and its use to protect privacy and security on the Internet.
But as we saw from the example at the beginning of this article, encrypted apps can hide critical information that law enforcement may need to access information that is protected by encryption to apprehend criminals.
So what is the best way to do this without denying law-abiding citizens their own right to protect communications and their personal data?
That is certainly not encryption backdoors even though lots of governments are trying to force data companies to introduce them into their products.
Instead, law enforcement must stop making shortcuts and ensure that they come with legitimate court orders if they need to access someone's online communication.
This is the only way to protect civil liberties and ensure that law agencies can do their job.
An Email Encryption Solution that Protects Your Right to Privacy
CTemplar is an end-to-end encrypted email service that strongly shares this sentiment that everybody, including civilians, activists and journalists has the right to online privacy and to protect their personal information from any bad actors, be that the government, online criminals, or big companies that want to monitor their data.
That's why we started our journey to protect your email back in 2017 and if you want to join us and keep your email safe, take a moment to sign up for our service.