Russia Proposes Encryption Keys Escrow to Fight Terrorism While Retaining User Privacy
- Russia wants to create a global app keys deposit that will work as escrow for justified data access.
- This way, terrorists will be stopped before they have a chance to do any harm, while all other users will enjoy their privacy.
- This is a strong proposal against critics of “encryption backdoors,” but it is still not free of the potential for abuse.
The Russian FSB (Federal Security Service) has proposed the creation of a universal escrow-like deposit of encryption keys for mobile applications, enabling law enforcement agencies to access data when criminal investigations require it. This way, law-abiding citizens would continue to enjoy privacy and confidentiality in their communications while terrorists wouldn’t be able to hide behind end-to-end encryption systems anymore.
It sounds like a win-win, but the margin for abuse is obviously still there. Privacy advocates have difficulty trusting governments and their agencies, so if the keys to unlock protected communications are made available to them, the mechanisms for stealthy abuse could be established quickly. The escrow idea is meant to help mitigate this very risk. Still, if multiple participants in the contractual arrangement have common or similar benefits from the systematic bypassing of the safeguards, we could end up with a distorted reality system.
Deputy Foreign Minister of the Russian Federation, Oleg Syromolotov, stated that their foreign partners welcomed FSB’s proposal without mentioning which countries reacted positively. It is, however, clear that most countries out there seek ways to snoop all communications, so we wouldn’t be surprised if even governments that have cold relationships with Russia will stand behind this encryption storage deposit system proposal.
Right now, not many details about how this system would work have been publicly disclosed, but it’s clear that everyone interested in it is fascinated by the fact that it is a proposal that doesn’t ask for a backdoor. As such, software developers and companies that create e2ee communication and data exchange tools will have great difficulty expressing their concerns about the retention of user privacy or refuting the escrow system on grounds of distrust.
And as for social networks, IMs operating in the context of these platforms should be within the access scope of the proposed system, as Syromolotov confirmed. The Minister stated that there are serious risks associated with disseminating information promoting violence and terrorism, so no social media platform can be omitted.