The Global Encryption Coalition Steering Committee was proud to host the second edition of The Encryption Summit: Encrypt Today to Safeguard Tomorrow on October 21st, 2024. The summit brought together encryption experts from academia, civil society, and business to discuss key developments in the global encryption policy debate.
In five sessions, the Summit covered digital rights implications for encryption in South Asia; encryption-friendly platform regulation; encryption threats in website security legislation; the preventative role of encryption in child safety; and the policy implications of the arrest of Telegram CEO Pavel Durov.
Check out the summit session recordings and key quotes below!
Courts at the Crossroads: Defending Digital Rights Against Encryption Crackdowns in South Asia
“State authority and executive authority have impeded the freedom of expression and fundamental rights in the country [Sri Lanka] but have been exacerbated as a consequence of increasing interest in private privileged communication by the state. […] The Online Safety Act in Sri Lanka is antithetical to human rights and expression and it is encroaching on the privacy rights of the people. […] Our courts are under the Jackboot of the executive president since its construction in 1977. […]The executive president is untouchable and whoever has occupied has gone on to encroach on rights in every manageable form and way and the courts have been subject to that authority that is almost god-like.” – Sanjana Hattotuwa, ICT4Peace Foundation
“Many times while well-intentioned, to protect women or the morality of women, the court ends up restricting digital rights” – Vrinda Bhandari, Internet Freedom Foundation“For accessing content data, widespread raids, arrests, illegal detentions are happening, despite the fact that law requires a warrant, a warrant is not sought. People are forced to provide access to their phones. […] We expect that the court will assert themselves a little more and ask the executives to qualify what exactly is threatening national security in context of the X ban and what is the requirement of mass surveillance. […] “There is a lot of friction within the judiciary as well. Judges are sidelined when they tackle with the questions against the executive” – Fariah Aziz, Bolo Bhi
“There are many problematic provisions regarding content takedown. These provisions have provided many institutions the power to direct social media companies to take down the content. Currently, the power has been given to five agencies. If these companies do not take the content down within 24 hours, they have to give a fine of up to 10 lakh Rs.” – Santosh Sigdel, Digital Rights Nepal
What would an encryption-friendly platform regulation look like? Cross-regional perspectives on online platform regulation and encryption
“I don’t want to be negative in my perspective but unfortunately I have an example of what bad, non-encryption friendly legislation would look like with the UK’s Online Safety Act. […] It will have an impact on users around the world because if these powers are used, and if WhatsApp or Signal were forced to compromise the safety of their users by undermining end-to-end encryption, it would have an impact on the rights of people around the world.” – Mark Johnson, Big Brother Watch
“Countries that come out with this legislation first become a template for others to use.” – Abeboye Adegoke, Paradigm Initiative
In relation to Brazil’s “Fake News” Bill [Brazilian Congress Bill No. 2630]: “Working in civil society coalitions was really important. This has been important to try to address disparagements amongst ourselves in a safe space before going to advocate publicly. A lot of our successes were through this coalition work.” – Heloise Massaro, InternetLab
eIDAS Article 45: Behind the Scenes
“We as epicenter.works are working on eIDAS from day one and our main focus has been the wallet because as a privacy NGO that’s where we see a drastic attack on anonymity online, but we are equally concerned on Article 45.” – Thomas Lohninger, epicenter works
“From the perspective of an end-user, the browser is a user agent. We have to make a decision that the keys and the certificate we see is a trustworthy one for a particular website.” – Dennis Jackson, Mozilla.
“You can see the overlap between democracy and transparency and what it looks like when you have a state sponsored Certificate Authority (CA) to bypass the rules” – Alexis Hancock, EFF, certbot
Encryption, the Guardian
“Lack of encryption might make it easier to prosecute crimes, but encryption helps prevent crimes and given the choice between prosecuting and prevention, I would take prevention every time.” – Larry Magid, Connect Safely
“The underlying forms of violence, abuse and exploitation are exactly the same in the physical environment, so when you think about how to prevent and respond to these kinds of offenses, you need to really think broader and not just think digital space but really think about the entire child protection system and how you can make that protection system stronger […] It is really important to come up with a holistic approach and not resort to techno-solutionism.” – Dr Sabine K Witting, Leiden University
Encryption, Arrested: The Arrest of Telegram’s Pavel Durov for Failure To Register Encrypted Service
“[Telegram CEO Pavel] Durov was arrested on charges that include failure to register an encrypted service. … And I can say with confidence that Mr. Durov’s arrest was the most talked about development in all of 2024 on the Global Encryption Coalition participants’ list. – Greg Nojeim, Center for Democracy & Technology
“[The law in France requiring registration of an encrypted service] that was used against Pavel Durov, is an old law that nobody actually cared about because it wasn’t enforced, and also because it doesn’t fit with how encryption actually works in the world. It is freely used, distributed and developed. But we see the law can be used like a legal weapon against someone [deemed] an enemy of the state. And here it was Telegram and Pavel
Durov. […] Durov was arrested in a spectacular way and the public prosecutor wanted to disclose information about the case. [That] means that they want to make it political, and they want it to make it as a warning, […] to other encryption or Internet services.” – Noemi Levain, La Quadrature du Net
“I don’t see export [controls on encryption] being something feasible to operate. In particular, if the goal is keeping strong encryption out of the bad guy’s hands, that’s just not going to happen. Once … the cryptography mechanisms in general are widespread, you’re not going to prevent the worst of the worst from using the encryption mechanisms. So all you’re going to do is prevent everyone else from using the encryption mechanisms. And as a result, who will have the weakest communications [security]? It will be the general public. That seems counterproductive to me.” – Daniel Kahn Gillmor, American Civil Liberties Union