Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecuritySecurity Leadership and ManagementSecurity Education & TrainingCybersecurity NewsGovernment: Federal, State and Local

Don't Disarm Individuals in the Battle for Data Protection, Privacy and Security

By Andrea Little Limbago
Encryption Future - Security Magazine
July 31, 2019

End-to-end encryption provides a foundational data protection safeguard, allowing secure data transfer between the sender and recipient while blocking it from external compromise. It also means this data can be inaccessible to law enforcement, who then must find alternative means to access that data.

Across the globe, repressive governments frustrated with data inaccessibility have banned or attempted to block end-to-end encryption under national security rationales, with a net negative effect on internet freedoms and individual rights. The United States has recently renewed the encryption battle, with a recent National Security Council meeting that discussed banning end-to-end encryption. Instead of seeking to emulate these regimes, the United States and allies should reinforce a commitment to data protection and privacy based on the security benefits of end-to-end encryption.

Why now?

Last year represented a significant inflection point when it came to raising awareness and public conscience about the extent to which third-party entities have access to personal and corporate data. The Cambridge Analytica scandal highlighted nebulous corporate data sharing practices, while the persistent drumbeat of years of mega-breaches such as Marriott, Quest and Equifax demonstrated the broad range of personal data left unprotected and exposed for compromise. Even accidental data breaches continue relentlessly and are compounded by failures to encrypt the exposed data. Together, these trends sparked a broader privacy awakening in favor of greater data protection against unauthorized data access.

This growing movement also instigated recent data protection efforts such as the General Data Protection Regulation, which references encryption as one of the recommended security safeguards organizations should deploy to demonstrate reasonable security is in place. In the United States, California’s Consumer Privacy Act (CCPA), which comes into effect in January 2020, is the most far-reaching data protection law to date. However, it is not alone. New York is considering even farther-reaching data protection requirements, while states from Maine to Texas are exploring or have passed data protection laws aimed at safeguarding data privacy and security. 

Seeing the public momentum shifting, big tech companies have attempted to ‘out privacy’ each other as a business competitive advantage. In early 2018, most tech leaders publicly vocalized support for self-regulation, but by year’s end the narratives shifted in favor of manifestos and promises to prioritize privacy. For instance, Facebook CEO Mark Zuckerberg outlined his vision for privacy, including end-to-end encryption in all of their messaging applications.

This growing emphasis and demand for data protection has resulted in growing individual and corporate implementation of encryption. While end-to-end encryption provides an essential legitimate means to protect personal and corporate data, criminal and terrorist groups also can protect their own communications, hindering some law enforcement efforts. This tension is reflected in the 2016 Apple vs FBI dispute and appears to be reigniting, rationalized by concerns over ‘going dark’ and lacking access to data that may help convict criminals or terrorists.

The Global Attack on End-to-End Encryption

End-to-end encryption is one of the few security measures that is growing more affordable and usable for non-tech aficionados. It provides digital and physical security safeguards for a free and open society and economy and has been used by human rights advocates, journalists, domestic violence survivors and to secure intellectual property. Because of this, a recent United Nations report declared, “A state’s obligations to respect and ensure the rights to freedom of opinion and expression and to privacy include the responsibility to protect encryption.” The G20 has similarly prioritized data protection for global economic innovation and growth, demonstrating the economic benefits as well. 

At the same time, there has been a growing global effort to weaken encryption, most vocally advocated by authoritarian regimes such as China, Russia, and Iran, under the auspices of national security. Unfortunately, this digital strategy has spread. Turkey recently linked anyone using a localized messaging app that contained encryption, called ByLock, to coup involvement. Malawi requires government approval of encryption keys. India is exploring a law to require a backdoor, targeted at WhatsApp. German leaders have requested similar access to encrypted content, while Brazil continues to go back and forth on banning WhatsApp and its end-to-end encrypted services. The United States, Australia, Canada, New Zealand, and the United Kingdom issued a joint statement introducing their intent to seek lawful access to encrypted content. Australia made good on this promise a few months later, passing a contentious law requiring access to encrypted content. Based on the recent discussion at the National Security Council, the United States may soon follow suit.

An Inflection Point for Security and Privacy

In short, the policies of authoritarian regimes are increasingly emulated across the globe, with significant implications for the future of the internet as well as fundamental rights and liberties. The absence of U.S. leadership in favor of end-to-end encryption will have global ramifications. First, it gives the green light to every despot and corrupt leader to similarly ban end-to-end encryption for their own regime objectives, including domestic crackdowns and targeting. Without a global leader advocating for end-to-encryption, digital freedoms will continue to erode and only worsen over time as leaders become emboldened to seek ever growing means of information control and dominance.

Second, a U.S. law weakening end-to-end encryption won’t achieve the desired objective of greater national security. Last year it was proven that the FBI significantly overstated the number of cases impacted by their inability to access data. This means the actual national security gains are quite small, while simultaneously introducing greater vulnerabilities into a threat environment already struggling with a growing proliferation of attackers and tools. Backdoors are not just accessible to law enforcement, but also provide additional means for malicious actors to compromise data. If the current steady pace of breaches seems unsustainable for national and economic security, it will only be amplified without security safeguards such as end-to-end encryption.

The Digital Battle Ahead

Just as the demand for greater security and privacy gains momentum, governments across the globe are chipping away at a core safeguard for security and privacy. End-to-end encryption empowers data owners to defend against a range of data compromises. To be clear, it is not a panacea– but it is a highly recommended means to secure data and is fundamental to a modern open society based on individual rights to privacy and security. 

The growing push for global data standards is intricately connected with geopolitics, human rights, and civil liberties. Global democratic leadership is essential to counter the digital authoritarianism that seeks complete information control by governments at the expense of individual fundamental freedoms. 

If the United States bans end-to-end encryption, thus emulating the most repressive regimes across the globe, it will embolden additional countries to not only ban end-to-end encryption but take further steps to undermine digital privacy and security. Conversely, a coherent U.S. federal data privacy law that reinforces the essential role of end-to-end encryption could introduce an alternate model and a counterweight to the growing privacy infringements. But to achieve this, any notion of banning end-to-end encryption must be halted and replaced with serious discussion and implementation of federal policies that strengthen both security and privacy.

KEYWORDS: cybersecurity data security encryption national security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Andrea limbago

Andrea Little Limbago is a computational social scientist specializing in the intersection of digital technology, national security and society. She is currently the Chief Social Scientist at Virtru, where she researches and writes on the geopolitics of cybersecurity, global data protection trends and usable security. Andrea is also a Senior Fellow and Program Director for the Emerging Technologies Law and Policy Program at the National Security Institute at George Mason, and contributes to numerous security conference program review committees. Prior to that, Andrea taught in academia and was a technical lead at the Department of Defense, where she earned a top award for technical excellence. Andrea earned a PhD in Political Science from the University of Colorado at Boulder. Her writing has been featured in numerous outlets and she frequently presents to a range of security, academic and government audiences.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

  • Duty of Care
    Sponsored byAMAROK

    Integrating Technology and Physical Security to Advance Duty of Care

Popular Stories

Coding

AI Emerges as the Top Concern for Security Leaders

Half open laptop

“Luigi Was Right”: A Look at the Website Sharing Data on More Than 1,000 Executives

Shopping mall

Victoria’s Secret Security Incident Shuts Down Website

Laptop with coding on ground

Stepping Into the Light: Why CISOs Are Replacing Black-Box Security With Open-Source XDR

Gift cards and credit cards

Why Are Cyberattacks Targeting Retail? Experts Share Their Thoughts

2025 Security Benchmark banner

Events

June 24, 2025

Inside a Modern GSOC: How Anthropic Benchmarks Risk Detection Tools for Speed and Accuracy

For today's security teams, making informed decisions in the first moments of a crisis is critical.

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • data-privacy-freepik1170x6.jpg

    Privacy and data protection in the wake of Dobbs

    See More
  • smart-city-freepik1170x658b6.jpg

    Big data and smart cities: How to battle the pandemic while preserving privacy

    See More
  • generative AI

    Balancing data privacy and security in the age of AI-powered defenses

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing