Is strong encryption more important now than ever? New regulatory efforts and rising cybersecurity threats are exerting increasing pressure on businesses and Governments to answer this question. Until now, security experts from industry and civil society have responded with a resounding Yes – that strong encryption protects everyone from harm and threats. Their view is that any form of bypassing would require weaker encryption, resulting in new vulnerabilities that could be exploited by anyone, anywhere. Regulatory efforts influencing this debate, although not intended to undermine encryption, perhaps rest on the assumption that businesses have enough resources to create technology that will solve the complex issue of maintaining strong encryption while responding to legislative expectations. These developments have caused businesses to publicly announce their concerns that strong encryption may be in danger. In this panel, we seek to revisit this pressing debate considering the latest developments in encryption technology and emerging regulatory and security needs.
• Is there a real threat to encryption today?
• Can legitimate policy goals that may impact strong encryption be balanced with privacy and data protection rights?
• What are the technical limitations that might be considered that support the view that strong encryption cannot have vulnerabilities built into it?
• Are there options that should be considered for protecting citizens without building vulnerabilities into encryption?
