Understanding the Encryption & Decryption Debate

What is Encryption? 

In order to understand the concept of Decryption, it is essential that we firstly explain- encryption.  

When a person shares information on the internet, it passes through a series of worldwide networks, all of which constitute part of a “public internet network”. Hence, encryption becomes essential as your data travels through a public internet network, making your data more prone to breaches and other potential risks. With the help of encryption, your data gets converted into code in an unreadable format. In order to decode such data, the party would need a “digital key” similar to the one the sender has.  

The entire process of encryption has been divided into three phases-  

  1. Plain Text,
  2. Cypher/Encrypted Text,
  3. Decipher/Decrypted Text.

The first phase- When we say “plain text”, it means that the text is in a readable format but just to the sender and the recipient. However, for a third-party, such texts are not in a readable format and are encrypted; that’s the second phase. When the recipient receives the message from the sender, it gets decrypted by using the same key, the third phase.   

The Power of Decryption 

Now that we have briefly covered what encryption is and how it functions, it will be easier to explain- Decryption. Since encryption allows only the sender and the intended recipient to view and edit the messages, nobody can consider or access such statements, not even the messaging platforms. With the help of Decryption, any user can break the encrypted messages and access them in a readable format, just as the sender and the receiving party can view such messages.   

Decryption laws enable law enforcement agencies and courts to decrypt encrypted messages or any encrypted transaction. 

The Issue 

Lately, there has been a massive rise in crimes pertaining to online fake and awful news, especially in India via WhatsAppFacebookTwitter, and many other such platforms that have come into the eyes of the government and law enforcement agencies. Still, due to the encryption model that these intermediaries are based on, both the government and law enforcement agencies cannot trace or identify the actual perpetrator or originators of this fake news. Over 30 deaths were reported in 2018 due to fake news that went viral on WhatsApp. Be it fake news or spreading communal hatred and violence, social media platforms have played an essential role in these concerning events. Due to this, there has been a constant conflict between the State and these intermediaries with respect to their encryption-based model.  

As encryption now has become a barrier when it comes to the investigation during criminal proceedings or even while monitoring citizens on grounds such as national security or maintaining public order, etc. The opposing contention against encryption is that it doesn’t allow the government to keep a check; while mitigating potential threats, good surveillance is required to maintain peace in society.

Major Privacy Updates of the Week

CPRA to be Effective Soon.

On November 3, 2020, California voters adopted a ballot measure known as the California  Privacy Rights Act (CPRA). The CPRA considerably changes and broadens the CCPA by modernising, altering, and extending a number of regulations and requirements in order to increase the rights of Californian consumers. 

Read More.

T-Mobile's $350 Million Settlement

Part of a $350 million settlement for a 2021 cyberattack that exposed the personal information of millions of users may be due to current and former T-Mobile customers. If given final clearance, it will surpass Equifax‘s $700 million payment from 2019 to become the second-largest data breach payout in US history. 

Read More.

Uber’s former security chief found guilty of covering up 2016 data breach

In an effort to hide a data breach that resulted in the theft of tens of millions of customer and driver records, Uber‘s former head of security was found guilty of criminal obstruction. 

The case relates to a hack of Uber’s networks in 2016 that resulted in the exposure of information on 50 million users and 7 million drivers, including names, phone numbers, and email addresses, as well as around 600,000 U.S. driver licence numbers. 

Read More.

Catalogue retailer Easylife fined £1.48 million

Easylife Limited has been fined £1,350,000 by the Information Commissioner’s Office (ICO) for using 145,400 customers’ personal information without their permission to anticipate their medical conditions and target them with health-related products. 

Additionally, the business was hit with a £130,000 fine for its 1,345,732 predatory direct marketing calls. 

Read More.

Optus Data Breach confirms 2.1 million ID numbers exposed

The mobile carrier updated details regarding the personal information of 9.8 million customers exposed during the hack in a news release issued yesterday. 

Of these 2.1 million consumers, 1.2 million had at least one number from a current, legitimate form of identification compromised, and 900,000 had ID numbers exposed, although from documents that are now past their expiration date. 

Read More.

Curated by: Prajwala D Dinesh, Ritwik Tiwari, Ayush Sahay

WEEKLY PRIVACY NEWSLETTER

Keep up to pace with this high-impact weekly privacy newsletter that
features significant data privacy updates, trends, and tools that can
help to make your life secure & easier every day!

*By clicking on subscribe, I agree to receive communications from Tsaaro