Building Trust Encryption

Leaders of the G7: A Safer World Means Strong, Secure Communication

In the recent G7 outcome document “Combating the use of the Internet for Terrorism and Violent Extremist Purposes“, Ministers of the Interior made commitments on content filtering and “lawful access solutions” for encrypted content, which, if implemented, would greatly weaken the security of the Internet, G7 economies and their citizens.

While there is an urgent need to prevent terrorists and violent extremists from exploiting Internet platforms, facing down terrorist threats and cybercrime requires strong, secure communications. Not the opposite.

We find the commitments in the document cause for alarm.

Rather than encouraging Internet companies to weaken their security, global leaders should be discussing how to increase the use of encryption, make it easier to use, and harder to thwart.

Here’s why:

Encryption: What it is and why it is key to your security

As online threats of cybercrime, mass surveillance, data breaches have grown so has the use of encryption – to protect the confidentiality and the integrity of data that we all depend on.

Every responsible citizen wants to stop terrorism, and “lawful access” sounds like a reasonable way to access potentially crucial intel. The idea is that, under the appropriate legal authorization, legitimate law enforcement agencies would be able to intercept encrypted communications between terrorists and other malefactors.

The trouble with this thinking is that protected communications are themselves a matter of security. Protected communications, sent through secure systems with strong encryption, are part of making us safe. They help prevent tampering with critical services, such as electricity and transport, keeping the heat on in winter, the grocery shelves stocked, and your bank account safe.

If such communications could be subverted, it stands to reason that terrorists could also interfere with law enforcement communication, with civil authorities’ ability to communicate with each other, with banking transactions, and more.

It is not possible to maintain points of entry to encrypted messages in such a way that only legitimate law enforcement authorities can use them. Weaknesses in computer systems are discovered by attackers all the time. There is simply no way to prevent weaknesses from becoming known to those who want to attack society.

And, knowing that existing encryption services would no longer be secure, terrorists would simply find alternative encryption options, or devise their own – defeating the whole purpose.

By committing to ask Internet companies to “establish lawful access solutions” for encrypted content (whether at home or abroad), G7 Ministers of Interior are making a grave error that puts one of our most important digital security tools at risk.

To comply, companies might turn off end-to-end encryption, deactivate “encryption on by default” or take away users’ sole ability to decrypt their smartphones. Each of these features has vastly improved the security and privacy of citizens’ communications and data. Or, they may not feel compelled to upgrade their security or to invest in greater security for their customers.

All of which undercuts citizens’ security from terrorists and criminals.

Digital security depends not only on the strength of encryption but also the security of other systems used to provide those encrypted services. If companies provide the means to break into encrypted communications, no one, not even governments, can trust that no one is listening in or that the information has not been changed.

Any promises that encryption would not be affected by ‘lawful access’ simply cannot be kept. Technology that is weakened is just that. Weak.

Content Filtering: Fraught with Challenges and Risks

The G7’s commitments on filtering terrorist and extremist content present additional concerns.

Filtering is fraught with challenges and risks and, in any case, only a handful of online services would have the resources and capacity to build or license such technology. This is a benchmark that only the largest platforms would be able to meet. Further, filtering has different implications for different services at different layers of the Internet. There is always the risk of over-blocking, such as public interest content (e.g. news reports).

Today, no company has the ability to produce a filter that is always reliable. Some very large companies have filters that are very good, but all of them still miss some content that should be filtered and filter some content that should not be. To make a filter that would actually do what we want, we would need artificial intelligence so good that it was indistinguishable from the wisest and most careful humans in history. Humanity has not invented that artificial intelligence yet. For instance, the filters would need to be able to tell the difference between a piece of terrorist propaganda and a legitimate news report about that propaganda. Even before the Internet, there were often disagreements about what represented “legitimate” news reporting, with powerful authorities often attempting to classify embarrassing news stories as illegitimate. There is little reason to believe that using the Internet makes those controversies go away.

Furthermore, messaging services may feel compelled to remove end-to-end encryption from their services so they can proactively filter content, or they may even use this G7 outcome as an excuse to gain fuller access to their users’ data for advertising or other commercial purposes. They might even delay deploying stronger security solutions that might make content filtering more difficult or expensive. All of this impacts your security.

The G7 Leaders’ Summit is August 2019. We have until then to make a difference.

The Internet is often portrayed as a barrier to law enforcement and national security efforts to defend society against terror. But, the Internet provides a remarkably resilient and reliable communications infrastructure when other kinds of infrastructure fail. It is an essential tool for emergency response when disaster (whether human or natural) strikes. And, strong and secure communications make everyone safer by preventing more sophisticated attackers from preying on citizens and businesses whose main focus is not communications security.

The G7 Outcome Document misses an important opportunity to remind everyone why the Internet is one of our most important tools in combatting terror in the first place. The best disinfectant is sunlight, and the Internet provides the means to do that.

Instead of trying to defend society from the Internet, a technology that benefits all humanity, and to close off its potential in an attempt to stop terrorists, governments should use the Internet to build community strength and resilience, to empower citizens to protect their communications, and to promote solidarity. We should not let terrorists sway how we use the Internet.

Time is running out. The 45th G7 Leaders’ Summit is taking place 25-27 August in Biarritz, France. Please act now.


Encryption Is Critical for the Australian Economy

On 17 July 2018, the Internet Society and its locally based chapter, Internet Australia, joined 75 organizations in signing a letter urging Australia not to pursue legislation that could undermine the security of encrypted services and devices used by Australians.

As Internet Society CEO Kathy Brown wrote last year, “strong encryption is an essential piece to the future of the world’s economy … it allows us to do our banking, conduct local and global business, run our power grids, operate communications networks, and do almost everything else”.

Encryption should be the norm for all Internet traffic and stored data.

The Internet Society recognizes the concerns of law enforcement and remains firm in its conviction that encryption is an important technical solution that all Internet users should use to protect their communications and data. Legal or technical measures that weaken encryption or other digital security tools will place the well-being of law-abiding Australians, and the Internet at large, at risk.

We urge you to stand with us in support of encryption.

Voice your support via #aussiesencrypt.

Improving Technical Security Privacy Reports

Join forces to eliminate spam – read the new report from the CRTC

What are the best ways to reduce spam? How can we work together to reduce this threat and create a more trusted Internet?

Last October, in the vibrant city of Bangkok, the Internet Society joined regulators for an in-depth conversation about how to eliminate spam and its harmful effects. Our kind hosts were the Canadian Radio-television and Telecommunications Commission (CRTC) and the International Institute of Communications (ICC).

The CRTC has published a comprehensive and insightful report on the workshop, capturing the key issues, observations, and ways forward. We encourage you to read it carefully. First and foremost, take note of the answer to “why act now?” – it’s a shared responsibility.

This principle lies at the heart of the Internet Society’s Collaborative Security approach. We have a collective responsibility to care for the Internet for everyone.

Spam is not just a nuisance: it’s a vector for malware, fraud and attack. Gone are the days when spam was just an unwanted email. Today, spam is big business.

Spammers are continually adapting their activities to find new ways to: exploit users; maximize their profits; and avoid law enforcement. Two areas of increasing concern are botnets and ransomware, both of which are propagated by spam. Europol’s Serious and Organised Crime Threat Assesssment for 2017 states that ransomware has become “… the leading malware in terms of threat and impact”. And, one only has to look about to the 2016 Mirai botnet DDoS attacks to understand the risk they pose to the stability of the Internet.

Eliminating spam requires efforts on all fronts: legal, technical, economic and social. It’s a problem that will need a collection of solutions, carried out through collaboration across borders and across disciplines.

What can governments do? Governments can contribute to combatting spam and its harmful effects by:

  • deterring bad actors through law and enforcement
  • empowering citizens to avoid the dangers of spam
  • fostering cross-discipline anti-spam efforts
  • encouraging anti-spam best practices
  • supporting anti-spam research.

What can you do? Join the fight against spam. Go to our anti-spam toolkit to find out what you can do to protect yourself and others.


Encryption Improving Technical Security Privacy

Encryption Backdoors Come In All Guises – Reacting to Apple’s Customer Letter

Have you ever lost your smartphone or had it stolen? Have you ever worried that your passcode may not be strong enough? Didn’t you have a sigh of relief when you remembered that you had enabled the feature that would erase your data after 10 failed attempts?

The Internet Society is very concerned to learn about the recent order from the United States District Court for the Central District of California  requiring Apple to bypass or disable the auto-erase function on a seized iPhone and to enable the FBI to more effectively conduct a brute force attack on the device. Yes, the order is for only one device and sought for good intentions (i.e. law enforcement), but as Apple’s CEO points out:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The order is, in essence, asking Apple to build a means to attack the security measures it has put in place to protect its users’ data from malicious actors.

While not technically an “encryption backdoor”, it could have the same practical effect.

Further, this approach is contrary to the spirit of the Secure the Internet petition recommendations, specifically:

  • Governments should not mandate the design … or vulnerabilities into tools, technologies, or services.
  • Governments should not require that tools, technologies, or services are designed or developed to allow for third-party access to unencrypted data ….
  • Governments should not, either by private or public agreement, compel or pressure an entity to engage in activity that is inconsistent with the above tenets.

which the Internet Society has signed to show its support for these guiding principles.

There is no doubt that having access to information is vital for law enforcement, and we are mindful of those needs, but we believe this outcome is not the solution.

We agree with Apple and others that there needs to be an open, transparent, public discussion about these issues.

On our main encryption page we provide links to resources, articles and projects that we support. We encourage you to review those materials and to share them widely.

We do not believe backdoors – in any guise – will help bring about a more trusted Internet. Please join with us in working to find solutions!

P.S. If you are an Internet Society member (or want to join – it’s free), you can discuss this in our Connect forums.

Image credit: Erich Ferdinand on Flickr. CC BY

Improving Technical Security Open Internet Standards Technology

Security in June: An origami ballet of collaboration

June is another busy month for the Internet Society in the area of Internet security.

People are what ultimately hold the Internet together. The Internet’s development has been based on voluntary cooperation and collaboration. Cooperation and collaboration remain the essential factors for its prosperity and potential.

This is the spirit of the various events that the Internet Society team is participating in this month.

On 4 June, I was honoured to participate in the European Agency on Network and Information Security (ENISA) Permanent Stakeholders’ Group (PSG) meeting in Athens. The PSG provides advice to ENISA’s Executive Director on the Agency’s programme of work and communication with relevant stakeholders.

Meanwhile, Dan York presented the Internet Society’s Collaborative Security approach for tackling Internet security issues in the Cybersecurity: bringing the puzzle together workshop at the European Dialogue on Internet Governance (EuroDIG) in Sofia on 5 June.

Last week, the Internet Society participated in a combined Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG) and London Action Plan (LAP) meeting in Dublin where the Operation Safety-Net Best Practices to address online, mobile, and telephony threats was officially launched. Karen Mulberry was one of the contributors to this very useful resource.

On 9 June, Jan Zorz coordinated the 10th Slovenian IPv6 summit where there was a heavy emphasis on IPv6 security in the keynotes and sessions, and Phil Roberts spoke about network security at the Big Telecom Event (BTE) in Chicago on a panel entitled “Network Security: Is Security the Big Showstopper?”

On 16 June, Robin Wilton spoke on a panel regarding often forgotten digital trust issues at the UK Internet Governance Forum.

Tomorrow, 18 June, Olaf Kolkman will deliver a keynote at the 27th annual FIRST Conference on Collaborative Security – Reflections about Security and the Open Internet, addressing the CSIRT community. (Read yesterday’s blog post about it!)

Mat Ford will moderate a panel discussion as part of the Co-ordinating Attack Response at Internet Scale (CARIS) workshop in Berlin on 19 June. The workshop agenda is packed and a key outcome will be to provide greater awareness of existing efforts to mitigate specific types of attacks and greater understanding of the options others have to collaborate and engage with these efforts.

Also this week, Frédéric Donck will participate in panel at the St. Petersburg International Economic Forum (SPIEF) on Building Effective Cybersecurity Systems, taking the opportunity to highlight the application of Collaborative Security to Internet security issues in the region.

At the same time, in Strasbourg, at the kind invitation of the Council of Europe, I will be illustrating the Collaborative Security approach in the context of tackling botnets in a workshop at the Octopus Conference on Cybercrime (17-19 June 2015) on policies, activities and initiatives on cybercrime of international and private sector organisations, and then debating issue related to security, privacy and the rule of law in the cloud in the plenary on Friday.

Next week, the Internet Society will participate in a meeting of the OECD Working Party on Security and Privacy in the Digital Economy (SPDE) in Paris. We also coordinate the Internet Technical Advisory Committee (ITAC)’s participation in the OECD.

Meanwhile, in Buenos Aires, Argentina, Dan York will be involved in a series of sessions related to DNS security (DNSSEC) at the ICANN 53 meeting.

All in all, a busy month. We hope to see you out there!

Building Trust Encryption Privacy

I Just Want to Communicate Confidentially: Is That too Much to Ask?

The need for confidential communication and finding it difficult to achieve is a sentiment that spans national borders and cultures. That is the message from the Internet Society’s survey regarding confidential online communication.

Before diving into the results, we need to insert a disclaimer: we recorded 1347 responses, indicating global interest in this issue. However, we consider the sample to be too small to be representative and assume a self-selection bias towards respondents with an interest in confidentiality.

The results confirmed our hypothesis that the ability to communicate confidentially online is important to caring Internet users irrespective of where they reside.

They also show that uncertainty as to whether a communication would be confidential causes some users to choose not to communicate online in various circumstances.

Trust is a key component for users:

  • trust in their devices, the applications they use, and the networks that their data traverses;
  • trust that they are communicating with the intended “communicator”;
  • trust that their communications are not being monitored;
  • trust that their communications will not be exposed by the recipient without their permission.

The responses also illustrated that encrypted communication is not easy. There are a number of fundamental obstacles, including:

  • insufficient information/guidance on how to use the tools;
  • usability issues;
  • dependency on other users using the same tools;
  • incompatibility between tools/interoperability hurdles/poor tools.

And … the potential harm from unwanted exposure of confidential online communications can be wide-ranging – discomfort, embarrassment, financial harm, lost opportunity, loss of reputation, feeling that privacy has been violated, feeling of being observed, self-censoring, feeling powerless, feeling of insecurity, erosion of authority, reduced/loss of trust, etc.

The results also highlight that there is a need for:

  • greater transparency as to what happens to Internet users’ communications data (including any surveillance that may or may not occur);
  • better tools and guidance;
  • neutral, trusted and respected sources of information;
  • legal parameters.

We invite you to read the full report Communicating Online Confidentially and to share with us your thoughts on how to improve Internet users’ ability to communicate confidentially online.

Finally, we would like to thank everyone who responded to our request for information about their needs and expectations when they communicate online. We received some very thoughtful responses that really help highlight some of the key challenges, gaps and opportunities. ​

Improving Technical Security Mutually Agreed Norms for Routing Security (MANRS) Technology

Seeking More Internet Leaders for the Routing Resilience Manifesto: Do You Have MANRS?

It’s been two weeks since we launched the Routing Resilience Manifesto initiative, featuring the Mutually Agreed Norms for Routing Security (MANRS) document, and we’re proud to see three new participants sign up since hearing about it. But we need more operators from around the globe to step up and publicly commit to improving the security and resilience of the global Internet! Will you join us?

Some history – work on the Routing Resilience Manifesto began more than a year ago, when a group of network operators met at IETF87 in Berlin to discuss how improvements can be facilitated in the global routing system. The result is four concrete Actions that define the minimum package that network operators should consider implementing. These Actions were vetted by the operator community and published as the MANRS document on 6 November. The participants have publicly committed to implement specific Actions that:

  • prevent propagation of incorrect routing information,
  • prevent traffic with spoofed source IP addresses,
  • facilitate global operational communication and coordination between network operators, and
  • facilitate validation of routing information on a global scale.

In order to become a participant of this initiative, a network operator has to implement one or more Actions. But the Routing Resilience Manifesto is more than just the MANRS document, it is a commitment to improve the global Internet.

The goal of the initiative is to make this set of Actions the new norm for the Internet, which will lead to significant improvements in the security and resilience of the global routing system. To make this happen, the Manifesto needs more “weight” and awareness to become an incentive for operators to implement the required security measures.

We are looking for leaders, the network operators who take security and resilience seriously and have already implemented these Actions and probably many more. We are looking for leaders whose reputation will motivate others to step up.

If you are such a leader: We ask you to demonstrate your commitment and sign up at

If you know such leaders in your region: Please let us know about them by contacting us at

I hope you will join us!

Building Trust Improving Technical Security Open Internet Standards Technology

Improving Global Internet Routing Security – Your Feedback Needed

How can we work together to improve the security and resilience of the global routing system? Vulnerabilities are well known and have manifested themselves many times – from the YouTube incident, to China’s deflection of Internet traffic, to the Indosat incident.

Last year, we published “Understanding Security and Resilience of the Internet” in which we explained our view that collaboration is an essential component of effective security – “Ultimately, it is people that hold the Internet together.” There are several technologies and best practices available to mitigate these risks, but the traditional approach of just protecting our own assets is not good enough; the Internet demands a sense of collective stewardship and shared responsibility to be truly secure and truly resilient to attack.

A small group of network operators has been working on defining a minimal – but absolutely feasible – package of recommended measures that, if deployed on a wide scale, could result in visible improvements to the security and resilience of the global routing system. Many operators are ahead of the curve and already implement much more than the proposed recommendations. But we believe that gathering support for these relatively small steps could pave the road to more significant actions on a global scale.

We called this set of recommendations a Routing Resilience Manifesto. You can find the proposed document here:

This initial Manifesto was drafted by a small group, but we need a wider community review, your feedback, and, ultimately, your support to make this initiative fly. It was already presented at several venues, like RIPE and NANOG, and now we open it for a more detailed review. This is very much a work in progress and your input is essential in improving the document. For example, it would be useful if we could point to specific BCOPs and other documents providing detailed guidance on implementing the Manifesto recommendations.

I invite you to read the document and send your feedback and text suggestions online or via by 31 August 2014.

Next steps

Once the document gets a thorough community review and the feedback is incorporated, we will be ready for the next phase – spreading the word and mounting support for the recommendations outlined in the Manifesto.

The objective is to publish this Manifesto along with a growing list of supporters – operators that publicly commit to collective responsibility and collaboration for routing resilience and security and implement the measures defined in the Manifesto.

In the meantime, please review the document and also think whether you’d be able to publicly commit to this Manifesto. Why or why not? This feedback is also important.