Data encryption a threat to fighting child sexual abuse, says DOJ

The department, along with other international agencies, alleged end-to-end encryption can create “severe risks to public safety.”

The U.S. Department of Justice has released an international statement claiming that end-to-end encryption “poses significant challenges to public safety,” including sexually exploited children. 

In an Oct. 11 statement from the DoJ, the agency called on technology companies to work with the government to find a solution for strong data encryption with the means to allow the investigation of illegal activity and content. The department stated end-to-end encryption that hindered law enforcement from accessing certain content creates “severe risks to public safety.”

The statement was signed by the DoJ, the Home Department of the United Kingdom, the Australian Minister for Home Affairs, India, Japan, a New Zealand Member of Parliament and the Minister of Public Safety and Emergency Preparedness of Canada.

In particular, the DoJ stated such encryption — in which only the senders and receivers can access the data being sent — undermined law enforcement from “investigating serious crimes” and “protecting national security.” In addition, a tech company’s ability to identify and respond to child sexual exploitation and abuse, violent crime, and terrorist propaganda may be compromised, claimed the department.

Citing a 2019 report from the National Center for Missing and Exploited Children (NCMEC), the government agency implied end-to-end encryption needed to be implemented with a solution to safeguard children, or it would undermine the current system of reporting such exploitation.

“In 2018, Facebook Messenger was responsible for nearly 12 million of the 18.4 million worldwide reports of CSAM [child sexual abuse material to the NCMEC],” the DoJ said, citing a 2019 statement from the WePROTECT Global Alliance. “These reports risk disappearing if end-to-end encryption is implemented by default, since current tools used to detect CSAM do not work in end-to-end encrypted environments.”

Elected officials in the United States have already acted to seek a legislative solution to investigating the illicit activities to which the DoJ referred.

In June, three Republican senators put forth a bill that would outlaw end-to-end encryption for technology companies, requiring device manufacturers and service providers to assist law enforcement by providing access to encrypted data. The bill, named The Lawful Access to Encrypted Data Act, is currently under review in the Committee on the Judiciary. There is also the EARN IT Act, a proposed bill that would require digital messages to first pass through government-approved scanning software in order to monitor for malicious criminal activity.

Proponents of both bills have claimed their purpose would include protecting children from sexual abuse. However, many privacy advocates have heavily criticized the bills’ sponsors for what they perceive as the government encroaching on personal freedoms.

Though its statement focused on end-to-end encryption, the DoJ stated it would extend its efforts to “device encryption, custom encrypted applications and encryption across integrated platforms.” The government agency claimed it would hold a “respect for privacy” at the forefront of any legal framework.

“We challenge the assertion that public safety cannot be protected without compromising privacy or cyber security,” the DoJ stated.