Our modern age of one and zeroes has brought countless conveniences to everyday life. At the same, the incredible technology we rely on to stay connected, help us get things done, and improve our lives comes with its own unique and still-emerging challenges. Data security is one of the big concern in the new digital landscape, and while the push to increase the safety of our sensitive data is helping prevent unwanted hacks and intrusions, it’s also raising big questions about the ethics of encryption.
The Catch 22 of Data Security
There’s no denying that people want their critical data, personal privacy, and sensitive information safe from prying eyes and those who would seek to use it for identity theft or worse. Major tech companies have poured lots of time and money into securing their devices and technologies to build valuable trust among their devout user bases.
Without this trust, it’s tough to gain the brand loyalty and sales traction needed to thrive in the ultra-competitive tech space. But what should we do when the interests of data security and proprietary information get in the way of public safety? It’s a conundrum that’s been thrust into the national spotlight again and again by high-profile incidents hitting the news.
March 2017’s horrifying terrorist attack in London is just a recent example of how encryption presents an ethical gray area where current law and technology butt heads. Following the brutal attack—which left 50 injured and five dead, including a police officer—the UK government is seeking access to encrypted WhatsApp messages on the attacker’s cell phone to gain insight into the incident and uncover any other parties involved to prevent further danger to public safety.
Increasingly, governments are pushing back against encryption in situations where major catastrophic events could be presented with access to the encrypted data. The 2015 San Bernardino attack is another recent high-profile terrorism incident that raises similar issues. In that case, the FBI came to a legal standoff with Apple, when the massive tech company refused to unlock the phone of one of the shooters. Ultimately, the FBI managed to de-encrypt the phone on its own, but many months later.
These and other similar large-scale issues have sparked much debate over the privacy of data and the strength of current encryption, particularly when it comes to public safety and preventing crimes.
Navigating a Tricky Path Ahead
Given the complexity of the issue, there’s no real concrete answer emerging on how to best navigating this minefield, but it clearly puts cryptographers and corporations in a challenging position. What do they do when then personal ethics and a desire to help the greater good doesn’t align with the hard-line encryption policies of the company’s they work for? And how should companies handle ethical issues while maintaining their integrity to customers? While these questions are still up for heated debate, it’s clear that parties on all sides of the issue have a difficult task ahead of them in the years to come.
For many tech businesses, data security and impenetrable encryption is essential to their company and their products. Having a clear policy in place is vital, but it’s equally important to ensure employees are fully-versed in what those policy’s are, why they’re in place, and what the protocol is for dealing with difficult questions that might arise.
Taking steps to ensure employees have appropriate data security policy training and education is a good proactive approach for preventing issues within an organization, though there’s still lots of work to do ahead before the intricacies of encryption ethics can be fully untangled.