That is how Electronic Frontier Canada, a group dedicated to civil liberties on the Internet, explains the threat posed by the policy of "mandatory key recovery", now being considered by the federal government. Such a policy should concern anyone who values free speech and privacy.
Right now, a typical Internet message can be intercepted by any halfway competent hacker. There is simply no privacy. To deal with this problem, encryption technology scrambles messages, making them look like gibberish to anyone but those who hold the code.
This may sound as old as "Enigma" and Bletchley Park. But modern computers have produced codes so sophisticated that, even with equally powerful computers working to crack the codes, the possibility of invincible encryption has arrived.
It is a possibility that terrifies the police, who are afraid organized crime will latch onto the technology. For this reason, the RCMP, CSIS, and other police agencies are pushing the government to ban encryption they can't break into.
One proposal is to require that police get a "key" to every code in use. Then, if they can persuade a judge to give them a search order, they would simply retrieve a target's key and start snooping through his e-mail.
The problems with "mandatory key recovery" are legion, starting with the fact that a key registry would be both horribly complex and an enticing target, not only for organized crime, but for foreign nations and terrorist groups, who, if they hacked or bribed their way into it, could eavesdrop on practically any Internet communication in Canada.
The possibility of keys being "stolen" would also have serious consequences. At the moment, the Internet's commercial potential is stunted by the fear of consumers that their communications, particularly financial ones, are not securely private. A mandatory key recovery policy would keep that fear alive and thus muffle the economic boom the Internet promises -- which is why the OECD and the European Union oppose the policy.
Moreover, mandatory key recovery has an Achilles heel: It requires a ban on cryptographic products with no "keys", that is, those that don't allow the government to eavesdrop. Such a ban would be "unenforceable in practice", according to Dr. Charles Rackoff of the University of Toronto, "since the basic mathematical methods are published and well known and can easily be implemented in software by any bright high school student".
This is just another example of why civil libertarians are so delighted with the Internet: So far, the technology has defeated government efforts at control and made it a truly free forum. But even if the regulators do catch up technologically, society should maintain liberty in cyberspace because it's the right thing to do.
The idea that we only be allowed to use e-mail accessible to the police offends against the whole idea of free speech: That we are free to communicate when, what, and as we wish. What if the police were to argue that, because mobsters who whisper in their bedrooms can't be heard on police bugs, all whispering in bedrooms must be banned? The needs of the police cannot be allowed to trump fundamental liberties.
Necessity being the mother of invention, if eavesdropping becomes ineffective, we're sure the police will come up with innovative new techniques. (They might start by legalizing the drug trade that finances organized crime.)
Because the technical issues leave the public cold, policymakers grappling with the consequences of the Internet explosion have done so largely free of public scrutiny. That's unfortunate. The decisions made now, in the Internet's infancy, will shape its maturity. And many dangerous ideas are now being proposed.
Mandatory key recovery is one such idea. When the government sets its encryption policy in the fall, we trust it will leave the keys in our pockets.