Available updates: The Crypto Summit

Release Notes:

Global Developments

Obama Administration Policy Updates

Crypto Summit 1.0 Outcomes

Announcement for Crypto Summit 2.0

Encryption is at the heart of the debate over the future of the internet. Can we rely on encryption to protect our safety and security online? Can we express our fundamental rights in the digital age? Do governments have ultimate control over cybersecurity and the internet?

We are about halfway between the Crypto Summit 1.0 this past July and the Crypto Summit 2.0, which will take place at RightsCon in March 2016. In the meantime, the global encryption conversation has intensified. Critical questions remain unanswered. Below, we take a look at the past, present, and future of encryption.

Global Developments

After the tragic attacks in Paris (shortly followed by the attacks in Beirut), there was immediate speculation as to the whether the attackers used encryption to avoid detection. Now, however, the answer seems to be — at least in part — no.

The attacks took place in the context of a global encryption debate that was already was heating up, engaging leaders and citizens alike. For instance, when the government in India posted draft legislation that would have required storing users’ data in plain text for 90 days — in addition to other troubling measures — there was immediate public outcry. The government responded by announcing that it would redraft the policy. In the U.K., citizens and non-government groups spoke out against lawmakers’ plans to increase domestic surveillance. The government subsequently downplayed its attempts to limit the use of encryption. Nevertheless, the U.K. still appears to be on the path to prohibiting end-to-end encryption. The series of attacks and threats in Europe are only adding fuel to the fire of this debate.

Obama Administration Policy Updates

At the Crypto Summit 1.0, the U.S. government made a declaration in support of strong encryption, but that call was undermined by the FBI’s continued advocacy of legislation that would force companies to build backdoors into encrypted products and services.

We have since learned that the government won’t seek legislation to weaken encryption — at least for now. However, as participants at the Crypto Summit 1.0 noted, sometimes crises like the one we’re experiencing right now can spur the passage of misguided laws developed in haste to demonstrate that governments are “doing something” to fix the problem. We believe that is a  grave mistake that we should not repeat.

That’s why Access Now and our partners launched a petition at SaveCrypto.org where more than 100,000 people in the U.S. have now asked President Obama to make an official, affirmative policy statement supporting strong encryption and security for all of us. The Obama administration has given itself 60 days to respond.

Crypto Summit 2.0 can’t get here soon enough. We hope you’ll join us in San Francisco in conjunction with RightsCon in March 2016. But before we look ahead, here’s an overview of what we learned at the inaugural session (you can also check out the photos and videos of each session at the Crypto Summit site).

Crypto Summit 1.0 Outcomes

 At the Crypto Summit 1.0, participants examined the history of encryption policy, the technology behind encryption, the legal landscape, and the biggest challenges and opportunities posed by encryption tools and technologies. We also explored how experts envision the future based on the possible outcomes from the current debate. While the focus was on the current and proposed laws and policies in the United States, we also addressed the global debate, including discussing what is happening in the U.K., China, and elsewhere. Further, the discussion addressed the international impact of domestic policies.

Here are five key takeaways from these discussions (you can read the full Crypto Summit 2015 Outcomes Report here – PDF):

1.) The U.S. Department of Commerce voiced incontrovertible support for strong encryption.

2.) Participants, on and off the stage, identified critical questions surrounding the use of encryption that will be used to frame an in-depth series of working group discussions at Part II of the Crypto Summit.

3.) David Kaye, the United Nations Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, announced plans to study the corporate role in delivering access to information and facilitating free expression online.

4.) Access Now soft-launched the Digital Rights and Business: A Primer on Risks and Solutions for the ICT Sector memorandum.

5.) Civil society and industry initiated a process to develop a positive cybersecurity agenda.

Announcement for Crypto Summit 2.0

The attacks in Paris, Beirut, and elsewhere are sparking a surge in conversation about the law enforcement and encryption. Access Now U.S. Policy Manager Amie Stepanovich recently articulated how encryption protects users. We believe that in any debate about encryption, we need to consider individuals’ safety, security, and fundamental rights.

That’s why we’re holding Part II of the Crypto Summit at RightsCon 2016, in the broader context of the most important conversations that are taking place about keeping the internet open and secure. There we plan to discuss, in addition to the issues surrounding law enforcement and intelligence, how encryption protects people whose rights are at risk, how new tools can make encryption easier to use, how companies can protect individuals through encryption, and how these technologies impact people and societies around the world.

It’s vitally important that we take the discussion about encryption policy in a constructive direction. We hope you’ll join us in that endeavor.