> [1] In your view, can there ever a point when there can be too much encryption — and if so, what is that point? In other words, do you think there could ever be a point at which crypto is so widely used in so many contexts to protect so much data so strongly, that you would think that the marginal costs of more and better crypto begin to cause more harm than good?
It seems to me that in general any given person is much more likely to suffer a digital crime than to commit a crime. And it seems to me that it is generally better to prevent crime than to solve a crime already committed. Therefore better consumer data encryption should tend to have a net positive effect.
And I think that as long as there is a court mechanism to compel decryption--via a warrant, for example--then many "bad guys" can still be kept off the streets. They won't decrypt their data? Cite for contempt and lock them up.
Will this make it harder for police to solve some crimes? Of course, but we accept those trade-offs all the time. It's inherent in our culture and system of government. The cops could solve a lot more crime if they had cameras in all our houses too. Doesn't mean that is a good idea or net positive.
> [2] If the government can’t get access to contents, even with a warrant, and that ends up substantially shifting the privacy-security balance, the Supreme Court will respond by expanding government power in other ways to counteract that shift and restore the prior balance of power. We’ll get more privacy in some ways from more technological protection, but less privacy in other ways from having less constitutional protection. So here’s the question: What privacy tradeoffs might the Supreme Court make in response to strong encryption that would more-or-less restore the prior balance of constitutional protection?
In this question, I think Kerr is not thinking through the implications of what Snowden revealed. It appears to me that we have already suffered a dramatic reduction in our legal protections of privacy, due to laws, executive orders, secret court authorizations, NSA/GCHQ overseas hacks, etc. since 9/11.
From this perspective, Apple's encryption change is actually adjusting the equilibrium back toward where it should be, not knocking it out of balance.
Part 1: https://news.ycombinator.com/item?id=8349006
Part 2: https://news.ycombinator.com/item?id=8349568
Kerr asks two questions in this latest post:
> [1] In your view, can there ever a point when there can be too much encryption — and if so, what is that point? In other words, do you think there could ever be a point at which crypto is so widely used in so many contexts to protect so much data so strongly, that you would think that the marginal costs of more and better crypto begin to cause more harm than good?
It seems to me that in general any given person is much more likely to suffer a digital crime than to commit a crime. And it seems to me that it is generally better to prevent crime than to solve a crime already committed. Therefore better consumer data encryption should tend to have a net positive effect.
And I think that as long as there is a court mechanism to compel decryption--via a warrant, for example--then many "bad guys" can still be kept off the streets. They won't decrypt their data? Cite for contempt and lock them up.
Will this make it harder for police to solve some crimes? Of course, but we accept those trade-offs all the time. It's inherent in our culture and system of government. The cops could solve a lot more crime if they had cameras in all our houses too. Doesn't mean that is a good idea or net positive.
> [2] If the government can’t get access to contents, even with a warrant, and that ends up substantially shifting the privacy-security balance, the Supreme Court will respond by expanding government power in other ways to counteract that shift and restore the prior balance of power. We’ll get more privacy in some ways from more technological protection, but less privacy in other ways from having less constitutional protection. So here’s the question: What privacy tradeoffs might the Supreme Court make in response to strong encryption that would more-or-less restore the prior balance of constitutional protection?
In this question, I think Kerr is not thinking through the implications of what Snowden revealed. It appears to me that we have already suffered a dramatic reduction in our legal protections of privacy, due to laws, executive orders, secret court authorizations, NSA/GCHQ overseas hacks, etc. since 9/11.
From this perspective, Apple's encryption change is actually adjusting the equilibrium back toward where it should be, not knocking it out of balance.
edit: formatting