The Encryption Debate: A Way Forward

1-john chen agm-001

Recent reports that messaging apps WhatsApp and Telegram have been employed by terrorists have brought the encryption debate to a head. The rhetoric has been acrimonious and polarizing, pitting privacy advocates who want strong protection from prying eyes against government officials frustrated by their inability to access criminals’ encrypted data.

For years, government officials have pleaded to the technology industry for help yet have been met with disdain. In fact, one of the world’s most powerful tech companies recently refused a lawful access request in an investigation of a known drug dealer because doing so would “substantially tarnish the brand” of the company. We are indeed in a dark place when companies put their reputations above the greater good. At BlackBerry, we understand, arguably more than any other large tech company, the importance of our privacy commitment to product success and brand value: privacy and security form the crux of everything we do. However, our privacy commitment does not extend to criminals.

BlackBerry is in a unique position to help bring the two sides of this debate together, to find common ground and a way forward. BlackBerry’s customers include not only millions of privacy-conscious consumers but also the banks, law firms, hospitals, and – yes, governments (including 16 of the G20) – that use our products and services to protect their highest value resources every single day. We stand as an existence proof that a proper balance can be struck.

iStock_000021161130_MediumWe reject the notion that tech companies should refuse reasonable, lawful access requests. Just as individual citizens bear responsibility to help thwart crime when they can safely do so, so do corporations have a responsibility to do what they can, within legal and ethical boundaries, to help law enforcement in its mission to protect us.

However, it is also true that corporations must reject attempts by federal agencies to overstep. BlackBerry has refused to place backdoors in its devices and software. We have never allowed government access to our servers and never will. We have made decisions to exit national markets when the jurisdictional authorities demand access that would abuse the privacy of law-abiding citizens.

We also reject any notion of banning or disabling encryption. The hacking epidemic over the past couple years shows that we need more, not fewer, security controls for our sensitive information. Frankly, it is surprising and unnerving that some national political leaders think that an encryption ban could even work on a technical basis. We, as a society, have decided that powerful computing devices that manage our identities, photographs, bank statements, and more are better to have than not. Users can install applications with encryption that precludes lawful access. If encryption services were banned, criminals would simply write their own encryption apps, resulting in a world where they have better encryption tools than the citizen populace, and our personal privacy would be the only casualty of this debate.

So the encryption ship has sailed; what, then, can service providers do to help strike the proper balance? The developers of Telegram demonstrated a simple example. Telegram offers two services: private point-to-point messaging and public group messaging (called channels). Telegram took decisive action to shut down criminal channels without affecting the point-to-point messaging service its customers depend upon for privacy. Make no mistake: service providers bear a dual responsibility to protect customer privacy zealously and to cooperate with lawful requests for investigative assistance.

It is practical to have public policy that supports law enforcement without impeding personal privacy. Ultimately, users have the right and responsibility to choose privacy with or without the potential for lawful oversight. We agree with the notion that there is no easy answer or formula to strike this balance. Hard things, we might say, are hard. That being said, it’s time both sides of this encryption debate accept that pointing fingers is counterproductive. Technology, over the course of human existence, can be both used and abused. We all have a right to privacy as well as public protection. We must balance these, and the world’s tech leaders must help consumers and governments alike make informed decisions.

About John Chen

John Chen is Executive Chairman of BlackBerry’s Board of Directors and Chief Executive Officer. A distinguished and proven leader in the technology industry, prior to joining BlackBerry, he served as Chairman and CEO of Sybase Inc. from 1997 for 15 years, where he developed and led the company’s re-invention from a mature, slower-growth technology company into a $1.5 billion-plus high-growth innovator. Under his direction, Sybase became the leading provider of enterprise mobility and mobile commerce solutions, achieving 55 consecutive quarters of profitability. John previously held a series of executive positions at Siemens Nixdorf, Pyramid Technology Corp., Unisys and Burroughs Corp, where he started his career as an engineer. He graduated from Brown University magna cum laude with a bachelor's degree in electrical engineering and holds a master's in electrical engineering from California Institute of Technology. He is actively involved in international relations and has testified before Congress on U.S.–China trade relations. John serves on the board of directors for The Walt Disney Company and Wells Fargo & Co. He is active in the not-for-profit community, and is also a trustee of Caltech, member of CFR, national trustee of The First Tee and Governor of the San Francisco Symphony.

Join the conversation

Show comments Hide comments
+ -
blog comments powered by Disqus