Should the US government require technology companies to provide a “master key” to unlock all encrypted files? What began as a hypothetical question in the US Presidential Primary Election debates has evolved into an interesting standoff between tech titans and the FBI around encrypted files stored on an Apple iPhone (used by one of the San Bernardino shooters).
In January, while all of this was still a hypothetical question, RPost conducted a user poll for general interest. In this poll of business email users, of whom 40% self-identified as IT administrators, RPost asked:
“Politicians have recently advocated for “back-door” access to be able to easily read all encrypted email, arguing that this would increase general personal safety. If this policy was adopted, would this concern you? (Note, this is a hypothetical question and is not related to the RPost or RMail services.)”
Two thirds answered “Yes,” – they would be concerned if the government was provided a “master key” to all of their encrypted emails (67% of 1136 adult respondents).
Interestingly, one third answered “No,” – they would not be concerned, and it didn’t much matter if they were using email encryption or not. For those who expressed concern or reported no concern, a super majority in both cases were using RMail email encryption (77% and 65% respectively).
This result seems to run contrary to a recent national poll (Pew Research Center poll of 1002 adults) asking about the specific issue of FBI requiring Apple to provide a backdoor to unlock specific iPhone files of a specific user in the name of increasing general personal safety. In this Pew Research poll, only 38% said Apple should not unlock the phone (siding with Apple that it should not provide FBI access), while more than half (51%) said Apple should unlock the phone to help the investigation. Presumably, a reason why fewer people reported concern in this specific poll is their assumption that Apple’s provision of a master key for the San Bernardino shooter’s phone would not jeopardize their own personal privacy.
Would providing this backdoor for one phone actually lead to widespread and uncontrolled use of such backdoors, compromising encryption for all?
I think we can comfortably conclude that this will be a hot topic over the course of 2016 among leaders in the technology sector, politicians, and government agencies. Stay tuned.
RMail email encryption uses True Direct Delivery technology; there are no stored encrypted messages as they are delivered encrypted, directly to the recipient inbox. By contrast, most other email encryption services are “store-and-forward” technologies that store messages on a third-party server, sending a link for the recipient to retrieve the stored message. These store-and-forward systems have historically been more susceptible to requests for government access as they store and control the message content.