[ubernostrum]

So let's walk through the logic here.

Suppose you say any system that can be used for communications must have a way to tap when a warrant is issued.

This means any encrypted communications system must have a back door built in that the government can access. And not just some single highly-regulated federal task force: any federal, state or local court in the US could in theory issue a warrant for someone's communication data, so the backdoor would have to be accessible to all of them.

Which means there's no encryption. There's no way that many separate people and agencies, all with access, would be able to maintain operational security; sooner or later it's going to blow wide open and anyone who wants to get access to someone else's communications will be able to with little effort.

That's what you're arguing for. Is that what you want to argue for?

And this is not idle abstract hypothetical slippery-sloping here. When the legal fight was happening, to try to force Apple to decrypt the San Bernardino shooter's phone, news came out that local police agencies around the country were literally lining up things like "someone was in a car crash, decrypt their phone for us so we can see if they were texting while driving" requests in anticipation of Apple being forced to decrypt phones in response to court orders. The instant you open up and force a backdoor/decrypt for one case, it will be wide open for every case, everywhere, and then we're back to effectively no encryption.

[sjy]

> There's no way that many separate people and agencies, all with access, would be able to maintain operational security

Then why isn’t this already the case for unencrypted communications? Law enforcement agencies all over the world routinely obtain lawful access to private data stored in Facebook, Dropbox and Gmail accounts, yet these services are still reasonably secure if, like the average person, you trust the service provider and are not the subject of an active investigation.

[craftyguy]

The NSA didn't obtain 'lawful access' to wiretap billions of people/communications.

[hazz99]

Can I see a source for the last bit, where police where lining up to use phone decryption tech? I don't doubt it, I just want sources so I can use this that fact in future arguments.

[devit]

Well, not really.

You could have a single secure system that holds encrypted session keys (and encrypted data if needed) for all the calls, and have it give them out under arbitrary logic, which could include rate limiting, multiple approval and publishing access requests (maybe after a delay), which would prevent "no encryption" from happening, assuming that system is properly secured.

Non-physical security can obviously be made perfect, and physical security can be achieved by launching the system hardware on a rocket, which still allows to communicate with it but makes physical access obviously impractical.

But obviously the issue is that the users have no incentive to use such a program as opposed to one without "key escrow", and there are plenty of PCs and Android smartphones on which arbitrary software can be installed.