Riana Pfefferkorn is a lawyer-turned-research scholar at Stanford University in the U.S.A. She sat down with us for a Q&A about encryption, protecting kids online, and the ripple effects of misguided legislation. This interview has been condensed and edited for clarity.
Q: Tell us more about your work on encryption.
A: I try to study and analyze bills that might—either overtly or covertly—have a negative impact on the availability of strong encryption that has no back doors or other intentional weaknesses in it. This applies to both devices and communications.
After spending time in private practice as a lawyer working on a lot of online consumer privacy issues, I developed an interest in the intersection of technology, law, and civil liberties. Being at Stanford enables me to work at that intersection.
My work since coming to Stanford has tried to focus on encryption policy, which has continually been under threat from around the world.
Q: Why is it so important to be scrutinizing bills that affect encryption?
A: We’re in a place where almost all traffic on the web is encrypted. It’s terrific. That said, it’s kind of a whack-a-mole job trying to keep track of the bills that still threaten an open, free, and secure Internet in different parts of the world at a given time.
Q: Which bills are you concerned about right now? Why?
A: In the U.S., it’s the STOP CSAM Act and the Kids Online Safety Act. It’s the ongoing debates over child sex abuse regulation in the European Union. And finally, it’s the Online Safety Bill in the UK.
The biggest threat is democratic governments around the world using child safety as a rationale for proposing legislation that could very easily have the effect of making it illegal to offer strong end-to-end encryption to users in those jurisdictions—and by consequence, potentially in other jurisdictions as well.
Q: Why should people pay attention to bills in countries other than their own?
A: Anything that happens with regulation that affects encryption in one country will affect other countries because of the nature of the Internet. It’s international.
These companies that provide these services are not confined to the market of just one country, and so, what they are required to do in any given nation will affect how they provide service in other countries.
Q: What’s an example of a ripple effect?
A: You know, I think, one of the most troubling tendencies that we see is that the calls for reduction to a strong encryption, or to take other measures that undermine the security and privacy and openness of the Internet, are now coming largely from Western democracies, such as the United Kingdom.
That provides cover to more authoritarian regimes and places like China and Russia to propose the same and gives very little standing to democracies to try and distinguish themselves, because they say: “Well, those guys are doing it.”
Q: What can people to do defend encryption?
A: If you’re someone from a technical or policy background, it could be about highlighting to the people you love that the privacy and protection afforded to them is under attack by their own legislators.
Many societies have connected every function of society to the Internet, so data and privacy and data security are a fundamental need.
It’s not simply a question of individuals just exercising their personal rights to privacy. It’s an economic issue. It’s a national security issue.
Learn more about why encryption is the best tool we have for keeping ourselves safe online.
Image copyright: ©Unsplash