WASHINGTON (June 21, 2021)—In June 2020 the Lawful Access to Encrypted Data Act was introduced, which could compel companies to assist governments by breaking their own encryption. This led some to declare that the encryption wars were back. But in reality, the encryption debate never truly went away in the United States.

In a new policy study from Kathryn Waldron, resident fellow and Sofia Lesmes, research assistant on R Street’s cybersecurity and emerging threats team, discuss how the encryption debate in the United States has been marked by a number of high-profile events since the early Crypto Wars in the 1990s that have shaped the debate into the limiting binary of privacy versus security.

The enduring nature of the encryption debate is partially due to a lack of common language, the increased availability of encryption services and a lack of a whole-government approach to cybersecurity.

The way forward for encryption is multifaceted and requires effort from both sides of the debate. Policymakers should capitalize on the inauguration of a National Cyber Director to streamline the encryption policy debate. Additionally, establishing a Bureau of Cyber Statistics would help paint a clearer picture of how many investigations are stifled by encrypted communications, instead of allowing individual high-profile events to dominate the debate. Finally, stakeholders need to change the language of the debate’s language, avoiding certain terms that are either too confusing or too polarizing to be of any value, and instead reframe the debate under the guise of security versus security.

“From the early Crypto Wars to similar debates today, the encryption debate has moved slowly. This is due to factors including a lack of cohesive language, an unsteady hand from government actors throughout the decades and events that happen as a result of unresolved questions,” state Waldron and Lesmes.

Featured Publications