by Emily Newton
People will always be interested in keeping their data private. It’s a primary driver for tech companies, but solutions sometimes come with more challenges than they solve.
The primary problem with backdoor encryption has been tough to tackle in the past decade. Tech users should also know the other backdoor encryption risks to better understand the industry’s future.
The Primary Problem With Backdoor Encryption
When someone uses technology to send a message, research a topic or otherwise use the internet, they create data. The average user rate is 1.7 megabytes (MBs) per second, but that number increases with heavier tech usage.
Companies can profit from this data. They collect it to learn what consumers are interested in and what they’re buying, among other data pointing to various consumer trends. The big data industry was worth $241 billion in 2021 and it will likely have a value of $655 billion by 2029.
Standard end-to-end encryption and encryption-at-rest options may keep data safe, but the companies that own those encryption keys are under pressure. Law enforcement agencies want golden key access to devices hidden behind encryption methods.
It might help put criminals away if their data is evidence of a crime, but granting complete access to law enforcement officers would also allow them to potentially exploit users who haven’t committed crimes. Large-scale law enforcement groups like the FBI would also gain access to any data they want.
If oppressive groups got into high-ranking positions, the surveillance state could follow the path of China’s treatment of Uighur citizens.
The government used databases created with user data to track Uighurs, rank them according to the ruling party’s concerns and ultimately send them to re-education camps that are the site of crimes against humanity.
Other Backdoor Encryption Risks
The problem with backdoor encryption doesn’t stop at an unlimited police surveillance state. It continues with other challenges like people trusting it to protect their overall virtual activity.
It isn’t possible for everyone to be an expert in computer programming or cybersecurity. The average consumer may trust an encrypted device or app and believe it makes them completely safe. If the company that made that device is the only one with backdoor access, that must mean people like cyber criminals can’t get in.
There are a few issues with this idea. First, backdoor encryption methods would be public. They’d be another doorway into a secure facility that the building owner announces to the world.
Even though the owner is the only one with a key, criminals could still figure a way through. It’s why encrypted data needs backup security protection like multi-factor authentication, which requires additional identification methods beyond a password.
Backdoor encryption risks also include journalists being tracked down at their homes by parties unhappy with their coverage. State-sponsored hacking groups from places like North Korea, Turkey and Iran are already ramping up their attacks in the past year to gather information and silence journalists. American journalists have also had data stolen to stop critical news reporting on other nations.
Anyone with ill intentions could take advantage of this problem with backdoor encryption. They’d only need to break through the single layer of security or threaten the company holding the golden key to access any data they want.
There’s also the challenge of stolen intellectual property by competing companies. If there’s only one doorway into the encrypted data containing patents, confidential information, inventions and more, a company would only need to hire practiced cyber criminals to get through the weakened layer of security. They could also hold data hostage or threaten the golden key holder to gain access.
Hate groups could also take advantage of backdoor encryption. If they found an effective data breach for the singular door between threat actors and users, personal information like saved addresses, banking information and more could become weaponized against people in minority communities.
The FBI’s most recent data shows an 11.6% increase in hate crimes over 2021, which could only rise with the potential for easier digital crimes.
Alternative Security Solutions
The appeal of backdoor access is the ability to recognize threats more easily because there’s one access point. A recent study tested other threat recognition options in end-to-end encryption environments. The results were promising but not definitive.
Users gained abilities to report any suspicious activity or content. It empowered users but also left room for human error.
People won’t always recognize virtual threats, especially when they’re interacting with highly evolved cybercrime tools beyond their knowledge. It also made people more aware of how much data they created, which erased plausible deniability.
The study also created an opportunity to focus on metadata. When a system recognized file types, sizes or time stamps that looked unusual compared to typical user activity, it could flag the metadata automatically.
It’s a helpful background tool for detecting cybercrimes as they happen, but it would require companies to keep tons of sensitive metadata that become a new cause for security concerns.
Perceptual hashing and predictive matching were also part of the study. Both use digital fingerprints and data matches to recognize criminal activity and trace it to the cybercriminal doing it. However, the systems weren’t as accurate as desired when combating complex data.
Given the many backdoor encryption risks that would come with single-point access to user data, people might assume there’s one alternative security solution that could make it a good idea. The problem with backdoor encryption is that it leaves numerous avenues to access data.
Singular access could also fall into the wrong hands. Although a messaging app company CEO might pledge never to give user data over to law enforcement, a change in CEOs might put that at risk. The next corporate leadership team, politician or national law enforcement bureau might hold different digital security standards.
Understand the Problem With Backdoor Encryption
Numerous backdoor encryption risks make the topic challenging to navigate. People who might see some potential in singular data access should also learn why it concerns many cybersecurity professionals.
As it stands, the problem with backdoor encryption won’t have one alternative solution. If it were to gain widespread approval, consumers would need to enact multiple security measures to protect their privacy better.
Emily Newton is a seasoned tech and industrial writer who explores the impact of technology in different industries. She has over six years of experience providing insights on innovative technologies.