If the U.S. government tries to strong-arm American companies into ending the sale of products or applications with unbreakable encryption, the technology won’t disappear, a group of researchers conclude in a new report. It would still be widely available elsewhere.
Some U.S. law enforcement officials argue that unbreakable encryption is interfering with legal surveillance of suspected criminals and terrorists. And some members of Congress are pushing for a nationwide requirement that encryption allow for law-enforcement access.
But the three researchers — Bruce Schneier, a cryptologist and fellow at the Berkman Center for Internet & Society, Kathleen Seidel, an independent researcher, and Saranya Vijayakumar of Harvard — compiled a list of at least 865 hardware and software encryption products available in 55 different countries. More than 500 of them come from outside of the United States.
“The report calls into question the efficacy of any U.S. mandates forcing backdoors for law-enforcement access. Anyone who wants to avoid U.S. surveillance will have 546 competing products to choose from,” Schneier wrote in a press release.
“Any U.S.-only restrictions will adversely affect U.S. companies in this worldwide market,” he continued.
“Criminals and terrorists will switch to more secure foreign alternatives, and the people who will be most affected are the innocent Internet users who don’t know enough to use non-backdoored alternatives,” he wrote.
It’s not entirely clear which overseas encryption products are truly unbreakable, and which have been compromised by government surveillance backdoors. Even so, Schneier and his co-authors insist that “cryptography is very much a worldwide academic discipline” and “there is no reason to believe that foreign-designed or foreign-developed encryption products are any worse (or better) than their U.S. counterparts.”
Graphic: The Intercept, using data from report.