Professional Documents
Culture Documents
Ethics Paper
Ethics Paper
David Szabo
CST 300 Writing Lab
February 22, 2020
Encryption is the process by which data is obfuscated with the intent that it only be
viewable by specific people or groups. This is accomplished by means as simple as a letter shift
encryption before the modern era were relegated to military endeavors such as the famous Caesar
Cypher (attributed to Julius Caesar) or the German Enigma Machine of World War II, the
information age has not only ushered in a seismic shift in how personal information is available
Medical data that was once a paper file full of one’s most intimate health concerns is now
available to access with a phone. Sensitive and potentially damaging information such as our
social security number, credit cards and a myriad of other personal vectors are stored on the
servers of commercial entities such as Amazon, Google, Intuit, etc. If this information is so
easily obtained by the person attached to it, how do we stop someone with ill intent from doing
the same? Encryption has become standard in the majority of electronic communications. Even
web traffic without any personally identifiable information (PII) is encrypted now on most major
sites. The current ecommerce boom would simply not be possible without strong encryption
Since the 1990s, the US Federal Government has been waging war against strong
encryption being available in any form to US citizens, even going so far as classifying such
software as a munition, such as the case of Phil Zimmerman author of PGP (Stay, 2012). While
Szabo 2
this case ended up as a loss for the government, the attempt to prevent the sale of products with
public sector encryption didn’t end there. An attempt to incentivize the use of an government
created alternative in the form of the Clipper Chip, which used a new NSA encryption algorithm
named Skipjack, was backed all the way to Whitehouse and championed by then vice president
Al Gore (Froomkin, 1996). The chip itself was sold on the promise of providing strong
encryption to consumers while the government itself would keep a copy of each such chips
decryption key in escrow, only to access it if necessary. This alone was unpopular both with the
public and the encryption community at large, but the revelation that the chip itself had
The government has been trying to enact legislation mandating companies to adopt a
backdoor in their encryption or a “golden key”, under the aegis that it is to protect the innocent
from predation, prevent terrorist attacks and assist in the prosecution of crime. While there are
existing mass data gathering programs, namely PRISM, the majority deal with the acquisition of
data, not breaking of encryption. Thus, a government backdoor could potentially aid in the
Many companies that provide consumer encryption contend that any backdoor would not
be something only the government could exploit. Any intentional weakening of the underlying
cryptographic algorithms or software bypass that allowed access without the decryption or
private key is an inherent flaw in the software. Given the existing flaws in all software, would
adding some intentionally be safe? Additionally, the major purveyors of encryption are already
working with the FBI and other agencies to assist in their stated goals insofar as finding and
prosecuting criminals.
Szabo 3
The federal government argues that any impediment to finding criminals before they
commit crimes, or in the prosecution of those who have already done so, is dangerous. While this
has been an imperative since the formation of centralized governments in antiquity, it is far more
applicable in the information age when communication options are numerous are ubiquitous. It
came far more sharply into focus for the United States post 9/11. While there was a wealth of
data showing the potential threats of the hijackers, it was spread across disparate agencies who
had a history of not communicating with each other (Johnston, 2003). Critical data that could
have saved lives languished in the hands of the FBI and CIA separately, where neither could see
the complete picture due to lack of intra-agency cooperation. This new-found clarity spawned the
Department of Homeland Security (DHS) and Transportation Security Administration (TSA) and
later a mass surveillance program known as PRISM. The scope of government surveillance since
9/11 is far too large to discuss here as most of what the public at large knows is due to the
Edward Snowden leaks in 2013, and encompass far more programs than just PRISM.
The primary support for this are claims of policy connected to claims of cause. “The
government needs to a backdoor” (policy) “to stop terrorism” (cause) or “to catch child
predators” (cause). There is an unspoken claim of value since these are both considered bad
actions in our culture. The purported claims all appear to be logical since stopping terrorist
While the goals are laudable, there is limited proof of their efficacy. Any operation that
catches a terrorist plot is by nature classified and will either never be known by the public at
large or be shrouded in mystery. Catching child molesters and organized criminal enterprises
tends to be more high profile and we see a much larger swath of the particular tactics used.
Szabo 4
If the government was suddenly faced with a surge of completely unassailable encryption
that was widely available and easy to use, they claim the prevention of crime and apprehension
of criminals would be much harder. Should the government by allowed to mandate weak
The American public has a vested interest in securing their privacy, be it from an overly
intrusive government violating at least the spirit of the 4th amendment, or nefarious actors both
foreign and domestic who wish to harm them. The rampant rise in cybercrime in the 21st century
has clearly shown that no information is safe without good security. Identity theft was already
widespread before the Equifax breach of 2017 (St. John, 2017), but that theft of the credit history
of every American citizen, along with a panoply of other such breaches, has shown quite clearly
that nobody is safe. Despite the opening of this proverbial Pandora’s Box, we still have tools at
As support would be claims of policy and value. “I have the right to protect my personal
information from misuse” (value) “as outlined by the 4th amendment” (policy). Since we are all
presumed innocent until proven guilty (Coffin v. United States, 1895), any governmental action
to collect private data on a citizen not being specifically investigated for a crime is in violation of
the 4th amendment. There does not appear to be a logical fallacy since there is no concerted effort
If the government is able to convince or coerce companies to install backdoors, what little
safety we have online may well be gone. As stated by Tim Cook, CEO of Apple, in an interview
with ABC in 2016, “Our smartphones are loaded with our intimate conversations, our financial
data, our health records. They're also loaded with the location of our kids in many cases. It's not
Szabo 5
just about privacy, it's also about public safety. No one would want a master key built that would
turn hundreds of millions of locks ... that key could be stolen” (Wagner, 2016).
Should the US government be allowed to mandate that publicly available encryption have
Moral Universalism is attributed to Plato and a cornerstone in his vision of utopia or the
ideal state. It is meant to be an analog to his view of humans, divided into a three-part structure
based on appetite (workers), spirit (warriors) and reason (rulers). He viewed a single decisive
source of power in the form of a wise philosopher-king to be superior to any other form of
government, due to his “soul of gold”. He posited that every form that sprung from this was
corrupted, with more power being diffused into less able or moral hands. Democracy and finally
the tyrant it elevates when the people feel powerless are the lowest forms. Our society most
closely resembles his favored style of governance, aristocracy, despite the notable lack of any
true royalty involved (Brown, 2017). The presumption being that people who rule are there
because they are fit to do so through some sort of innate “gold” quality and rigorous education.
While these aren’t evident in modern politics, it was at least the ideal at the founding.
The government states that (a) it is will make every effort to protect the citizenry from
harm (b) will not abuse access to information about innocent citizens and (c) strong encryption
without government safeguards weakens their ability to protect us. Since it is the not only the
legal source of crime prevention and apprehension (FBI, CIA, police, etc.) but also has the moral
high ground in these areas, it is logical to assume that they would be best able to handle the task.
Additionally, they already have the infrastructure to gather this massive amount of information,
both relevant and collateral, so being able to decrypt it in a lawful fashion does nothing but aid
If the government were to lose the ability to freely access this information, it is possible
that terrorist plots would be able to occur with greater regularity, and criminal enterprises would
be able to continue breaking the law. They have already seen roadblocks in investigating terrorist
attacks such as the San Bernardino massacre in 2015 or Pensacola naval base in 2019. In both
cases, strong encryption on Apple devices have prevented them from directly accessing phones
The creator of utilitarianism, Jeremy Bentham, stated “it is the greatest happiness of the
greatest number that is the measure of right and wrong” (Crimmins, 2019). Maximizing
happiness and well-being for the largest number of people while minimizing unhappiness and/or
hurt is the most moral course of action. A law, while seemingly just in its intent (catching
criminals) can become unjust when it is applied indiscriminately (mass surveillance). The value
Retaining access to strong encryption allows people security in many aspects of their
lives. Companies providing services that use these such as commerce, medical, insurance or any
with potentially damaging personally identifiable information offer a layer of protection if how
they transmit said data is strongly encrypted. If whatever data they store is also similarly
protected, the value of encryption rises dramatically with numerous high-profile data breaches in
the past 5 years. On the personal front, being able to securely store personal information “in the
cloud” without fear of it being either intercepted in transit or easily used if successfully taken, is
a necessity.
The government’s imperative to “stop terrorism” or “catch predators” are noble goals, but
not if their utility is so wildly imbalanced. Stopping a handful of criminals or even thousands is
greatly outweighed in utility by the harm done to hundreds of millions of innocent people who
Szabo 7
are already being watched without cause (which is beyond the scope of this issue). Additionally,
most of the major purveyors of strong encryption either in data transmission (Amazon, Google)
or storage (Apple) already cooperate fully with law enforcement enacting lawful warrants.
Google has been very cooperative, engaging in “geofencing warrants” (Welty, 2019) or “digital
dragnets”, offering up the information of thousands of users in the areas of a crime. While that
itself is against utilitarian ethos, it is far less harmful than the entire citizenry being constantly
surveilled.
If the American people and the companies whose services they employ lose access to
strong encryption, the rates of identity theft and massive breaches will expand greatly. Most such
events are currently due to finding flaws in existing frameworks such as unpatched web servers
that protects our online lives, exploits will be found. Even if the assumption is that the backdoor
will be in the form of a key escrow where the keys are securely stored on government servers,
not only has the government shown that it is unwilling to adhere to the bill of rights when it
comes to mass surveillance but they have a long history of poor digital operational security. All
it would take is one unprincipled employee or contractor and the proverbial keys to the kingdom
would be stolen.
I don’t trust the government to (a) properly manage and secure a key escrow and/or (b)
mandate a secure backdoor for existing encryption nor (c) resist abusing the system. Mass
surveillance such as PRISM and the other much less well-known systems (“NSA Surveillance”,
n.d.) have shown that they simply do not have our best interest at heart. While the party line is
that it’s to stop bad guys or “protect children”, the latter being a veil for some of the more
intrusive anti-privacy legislation, I don’t honestly know the end goal. And that’s worrisome since
Szabo 8
other than some toothless saber rattling from congress, nothing has been done to slow down
these programs. Nor has any actual proof been released to show their efficacy in stopping or
prosecuting crimes.
I align myself with the utilitarian goals of the American citizens. The potential good of
these efforts appear minimal at best to at most a couple thousand people whereas the harm could
The best solution I can see at this point would be to continue on our current course. The
companies responsible for most of the encrypted traffic on the Internet already cooperate with
law enforcement and can already be compelled to do so in a way that is completely invisible to
the public, via the issuing of a National Security Letter from a FISA court. While I don’t like that
angle at all, Amazon, Apple and Google are not going to risk their standing with the US
As for everyday citizens using encryption in their own lives, that is the price of freedom.
saying hateful, horrible words is completely legal so long as no direct threat or inciting of
violence is present. I find it vile, but is any amount of restriction of free speech safe? The same
goes for encryption. A minority will use it for bad ends, but does that mean we should violate the
References
Brown, E. (2017, September 12), Plato’s ethics and politics in The Republic. Stanford
ethics-politics
Crimmins, J.E. (2019, January 28), Jeremy Bentham. Stanford Encyclopedia of Philosophy.
Froomkin, A.M. (1996), It came from planet clipper: the battle over cryptographic key "escrow".
Johnston, D. (2003, July 24), 9/11 congressional report faults F.B.I.-C.I.A. lapses. New York
and-surveillance/nsa-surveillance
St. John, A. (2017, September 21), Equifax data breach: what consumers need to know.
know-about-the-equifax-data-breach
exports and the plight of Philip Zimmermann. Georgia State University Law Review.
Retrieved from
https://readingroom.law.gsu.edu/cgi/viewcontent.cgi?article=2264&context=gsulr
Szabo 10
Wagner, L. (2016, February 24), Apple CEO Tim Cook: backdoor to iPhones would be software
way/2016/02/24/468016377/apple-ceo-tim-cook-back-door-to-iphones-would-be-
software-equivalent-of-cancer
Welty, J. (2019, July 30). Geofencing warrants. North Carolina Criminal Law. Retrieved from
https://nccriminallaw.sog.unc.edu/geofencing-warrants