The president of the Canadian Internet Registration Authority (CIRA), Byron Holland, is actively wondering if Canada intends on weakening encryption.
We are now one day away from Election day in Canada. It seems that we are no longer the only ones wondering where the debate surrounding encryption went during this election cycle. On the day the writ was dropped, we posted how many critical technology issues could get lost during the debate. Here’s a bit of what we wrote at the time:
It’s not to say digital issues aren’t happening. In fact, things have been quite active on that front from a Canadian perspective. There are privacy issues such as the fact that people’s phone numbers are up for sale thanks to a Facebook data leak or Canada’s proposed war on encryption which received considerable pushback.
Fast forward to last week, we published a roundup of all of the election platforms as they pertain to technology and digital rights. One of those issues that is largely absent (save maybe the Green Party who did touch on security issues on a couple of places.)
Up until now, it seemed like we here at Freezenet have been pointing out this gaping hole in potential election issues. Since we take a global approach to covering critical news that matter to you, all this not talking about encryption is happening in the context of other countries declaring war on encryption among other things. Now, it seems that someone else is finally taking notice of this issue.
The president and CEO of the CIRA has recently published an opinion piece expressing his concerns about the future of encryption in Canada. The opinion piece would almost have you believe that Holland frequently reads Freezenet. If true, that would be pretty cool.
First, Holland starts with the analogy of what would happen if the government asked every citizen to leave doors unlocked at all times. The rational being that locked doors would get in the way of emergency personnel, so in the name of security, everyone should leave their doors unlocked. Holland asked if that sounds crazy, then points out how the “Five Eyes” spying organizations are demanding just that.
After that, Holland references Ralph Goodale openly considering joining the war on encryption. Then, there is a reference to the joint letter from the US, UK, and Australia demanding Facebook drop it’s efforts to secure user messaging with encryption. Holland also references the more than 100 rights organizations pushing back against these efforts.
From there, Holland makes the case as to why encryption is important. From the Macleans post:
First, strong encryption is essential to the secure operation of the .CA domain. It helps protect the sensitive, personal information of the owners of over 2.8-million .CA domain names. Encryption also enables a number of security protocols that prevent phishing attacks, domain hijacking, and other cyberattacks. In fact, our most recent data on cybersecurity shows that 71 per cent of Canadian organizations were victims of such attacks in the last year.
Second, weakened encryption would have downstream effects for our primary user base: small- to medium-sized businesses across the country. These business owners rely on encrypted services to secure their online transactions. Without reasonable assurance that consumers’ financial information is protected from snooping eyes, they will lose trust in online commerce, and Canada’s digital economy will suffer.
At the heart of the encryption debate is the question of trust. It’s no secret that public confidence in the internet has taken a tumble. Nearly one-third of Canadians say they have been victim of a cyberattack according to our survey, and it seems that every day there is a new story about Canadians’ data being leaked. Right now, we need technologies that help build trust in, and strong encryption is one of the best tools we have for the job.
With the federal election just around the corner, we’re pleased to see that most of the major parties have chosen to make privacy and cybersecurity an election issue. Unfortunately, their platforms offer no window into their thinking on the future of encryption in Canada.
In 1998, Canada adopted its official “cryptography policy,” which rejected the backdoor approaches being pushed at that time. Since then the government has resisted new calls to weaken encryption, but pressure from allies is growing. Please think about where each party stands on cybersecurity and encryption, and what they plan to do to keep Canada’s users safe.
The good news here is that someone else with a good deal of authoritiy is finally standing up and directly making the case for encryption. It certainly is badly needed in the Canadian election. The bad news is that this well thought out and well researched push came on the Friday before election day.
As such, it might be a bit late to change very many minds. The window for advanced polling has come and gone and the only people left undecided at this stage are generally people who show up at the polling booth without really making up their minds up to that point. A number of them are probably sitting there, looking at the ballot paper, and thinking, “sure, sounds good” without much further thought. Others are probably watching how things shake out during the election cycle and thinking about how it all played out on TV or in the newspaper. The chances of any of them finding this opinion piece on such a deep issue and then deciding accordingly is actually quite small now.
Had this opinion piece been published much earlier on in the election, the effectiveness might have been much more significant. Experts would have opined on the subject as well in response. Political junkies would bandy the issue about for a few days in the context of everything else. There would have been the possibility it would have been brought up in the earlier political leaders debates. The issue might have gotten some playback on some outlets after amidst all the other issues. By the time advanced polling opened up, there would have been fruitful discussion on encryption.
While the value of this contribution may have been diminished because of the timing, it’s not a total loss. There are plenty of Canadians thinking that we could wind up in a minority government situation. So, there is the possibility that if the issue crops up during the next government, people might have had a fruitful discussion surrounding encryption and push back against efforts to crack down on efforts should the government feel the need to legislate security away. If this next government winds up falling within a year, then that would allow these issues to be more meaningful to Canadians.
As of now, the bar for this election wound up being, “hey, someone actually brought up the issue of technology in general” for the most part. We can only hope that as Canadians proceed, the country can actually raise that bar to “where do parties stand on these issues?”
Drew Wilson on Twitter: @icecube85 and Facebook.