In the movie Groundhog Day, Bill Murray’s character is stuck in an endless loop, reliving the same day over and over again. It’s not until he actually does something different that he breaks the loop.

That’s where we are in the encryption debate. On one side the encryption advocates talk about the critical role it plays in data privacy and security: safeguarding online communications, enabling free speech, and protecting financial transactions, among other things. On the other side, governments and law enforcement want a way to access encrypted communication to protect the public, prevent the spread of child sexual abuse materials, and stop terrorist attacks and other crimes.

Both sides have tweaked the messaging over the years but for decades it’s been the same endless loop. Law enforcement needs to break down the challenges and come to the table with an open mind. Encryption advocates need to recognize the challenges that law enforcement face and also have an open mind for these discussions. Maybe if both groups work together, break the bigger challenges into smaller ones, they can create solutions and break the loop.

The report released today from the Center for Cybersecurity Policy & Law, Reframing the Conversation: A Deep Dive into the Encryption Debate looks at the history of the conversation around encryption, and how we might reframe it to break out of this loop. Governments and law enforcement must take a practical, incremental approach to policies and legislation that affect law enforcement and online security, rather than mandating ubiquitous surveillance that can circumvent encryption. And encryption advocates must find ways to partner on our shared goal to prevent, investigate, and prosecute these crimes.

The report:

  • Examines the historic discussion and arguments around encryption policy;
  • Reviews recurring themes among proposals in the context of current policies and legislation;
  • Establishes how the modern encryption debate should proceed; and
  • Addresses the potential challenges should the discourse remain unaltered.

Heather West, Zack Martin & Ivy Orecchio

Read Next

AI Profile for NIST CSF Would Help Risk Management Pros

Last week, the Cybersecurity Coalition submitted comments in response to the National Institute for Standards and Technology (NIST) Cybersecurity and AI Workshop Concept Paper. 

Crosswalk Analysis for Artificial Intelligence Frameworks

Organizations worldwide are developing frameworks to ensure that AI systems are safe and secure but there’s a gap in how they are compared. This analysis seeks to understand the commonalities by using the the NIST AI RMF as a baseline.

What is DNS? - A DNS Security Primer

DNS is woven into the fabrics of almost every network, and it’s critical that DNS deployments are done securely and with the most modern best practices, lest attackers compromise this vital component.