https://academic.oup.com/cybersecurity/article/10/1/tyad020/7590463
"Our increasing reliance on digital technology for personal, economic, and
government affairs has made it essential to secure the communications and
devices of private citizens, businesses, and governments. This has led to
pervasive use of cryptography across society. Despite its evident advantages,
law enforcement and national security agencies have argued that the spread of
cryptography has hindered access to evidence and intelligence. Some in industry
and government now advocate a new technology to access targeted data:
client-side scanning (CSS). Instead of weakening encryption or providing law
enforcement with backdoor keys to decrypt communications, CSS would enable
on-device analysis of data in the clear. If targeted information were detected,
its existence and, potentially, its source would be revealed to the agencies;
otherwise, little or no information would leave the client device. Its
proponents claim that CSS is a solution to the encryption versus public safety
debate: it offers privacy—in the sense of unimpeded end-to-end encryption—and
the ability to successfully investigate serious crime. In this paper, we argue
that CSS neither guarantees efficacious crime prevention nor prevents
surveillance. Indeed, the effect is the opposite. CSS by its nature creates
serious security and privacy risks for all society, while the assistance it can
provide for law enforcement is at best problematic. There are multiple ways in
which CSS can fail, can be evaded, and can be abused."
Via
The RISKS Digest Volume 34 Issue 5:
http://catless.ncl.ac.uk/Risks/34/5#subj7
Cheers,
*** Xanni ***
--
mailto:xanni@xanadu.net Andrew Pam
http://xanadu.com.au/ Chief Scientist, Xanadu
https://glasswings.com.au/ Partner, Glass Wings
https://sericyb.com.au/ Manager, Serious Cybernetics
