Comment How you know you're doing the right thing (Score 5, Insightful) 134
When so many spooks come out against it, that's how you know you're doing the right thing. Let's unpack their statements a bit.
... Europol said it needs lawful access to private messages, and said tech companies need to be able to scan them (ostensibly impossible with E2EE implemented) to protect users. Without such access, cops fear they won't be able to prevent "the most heinous of crimes" like terrorism, human trafficking, child sexual abuse material (CSAM), murder, drug smuggling and other crimes.
You're not realistically going to magically prevent any of those things with more spying. At best, you might catch the occasional low-hanging fruit, and even then, only if you do incredibly invasive levels of widespread spying on everyone. The right way to prevent those things is by infiltrating the relevant community. People who say otherwise are kidding themselves.
"Our societies have not previously tolerated spaces that are beyond the reach of law enforcement, where criminals can communicate safely and child abuse can flourish," the declaration said. "They should not now." The joint statement, which was agreed to in cooperation with the UK's National Crime Agency, isn't exactly making a novel claim. It's nearly the same line of reasoning that the Virtual Global Taskforce, an international law enforcement group founded in 2003 to combat CSAM online, made last year when Meta first first started talking about implementing E2EE on Messenger and Instagram.
First, their claim isn't even true at a superficial level. Since at least 1961, we have been compelled by law to recognize diplomatic couriers and the contents of their bags as beyond the reach of law enforcement.
Second, our societies have always tolerated spaces that are at least by default beyond the reach of law enforcement, which allow law enforcement to peer into those spaces only after establishing probable cause.
Recent behavior by law enforcement agencies has thrown out the entire notion of probable cause, creating mass spying programs that sniff all the traffic going into and out of various organizations en masse. That, combined with parallel construction and courts being lax at enforcing the fruit of the poisonous tree doctrine, has resulted in substantial violations of the public's right to privacy.
End-to-end encryption is necessary entirely because law enforcement has repeatedly shown an unwillingness to respect the bounds of privacy that a free society requires. And the fact that law enforcement's irrational "slurp everything up and sort through it later" approach has resulted in everyone encrypting everything is not the fault of the "everyone encrypting everything". It is the fault of law enforcement being utterly egregious and unscrupulous in their behavior.
There are consequences for actions, and when governments show that they are untrustworthy on an ongoing basis, people stop trusting them. Welcome to the real world, kids.