From UPSC perspective, the following things are important :
Prelims level : End-to-end Encryption
Mains level : Read the attached story
Apple recently announced that it will be increasing the number of data points protected by end-to-end encryption on iCloud.
What is end-to-end encryption?
- End-to-end encryption is a communication process that encrypts data being shared between two devices.
- It prevents third parties like cloud service providers, internet service providers (ISPs) and cybercriminals from accessing data while it is being transferred.
- The process of end-to-end encryption uses an algorithm that transforms standard text into an unreadable format.
- This format can only be unscrambled and read by those with the decryption keys, which are only stored on endpoints and not with any third parties including companies providing the service.
- This encryption has long been used when transferring business documents, financial details, legal proceedings, and personal conversations.
- It can also be used to control users’ authorisation when accessing stored data, which seems to be what Apple intends to do.
Where is it used?
- End-to-end encryption is used to secure communications.
- Some of the popular instant-messaging apps that use it are Signal, WhatsApp, iMessage, and Google messages.
- However, instant messaging is not the only place where user data is protected using end-to-end encryption.
- It is also used to secure passwords, protect stored data and safeguard data on cloud storage.
Why are tech companies using it?
- Preventing data breach: Tech companies often cite data breach issue.
- Extra protection: Encryption puts extra layer of protection that would protect valuable digital information against hacking attacks.
- Prevent snooping: It is also seen as a technology that secures users’ data from snooping by government agencies, making it a sought-after feature by activists, journalists, and political opponents.
- Capital generation: It showcases any company’s position as a provider of secure data storage and transfer services.
What does it mean for users?
- End-to-end encryption ensures that user data is protected from unwarranted parties including service providers, cloud storage providers, and companies that handle encrypted data.
- Encrypted data can only be decrypted by trusted devices.
- No one else can access this data and it remains secure even in the case of a data breach in the cloud storage.
Why are government agencies unhappy with it?
- The FBI in a statement expressed displeasure at the idea of increasing use of end-to-end encryption by technology companies.
- It said that while it remains a strong advocate of encryption schemes that give “lawful access by design”, that would enable tech companies “served with a legal order” to decrypt data.
- Attempts by government agencies across the globe, in the past, to access encrypted data hosted and stored by tech companies have met with strong resistance.
- Law enforcement agencies seeks to weaken encryption with backdoors.
- Thus is considered ill-advised and could compromise the reliability of the internet.
Click and get your FREE Copy of CURRENT AFFAIRS Micro Notes
(Click) FREE 1-to-1 on-call Mentorship by IAS-IPS officers | Discuss doubts, strategy, sources, and more