Mozilla took a strong stance on online privacy this week by reiterating the need for more encryption -- but also noting that, in our age of government backdoors, encryption software alone may not be enough to keep data secure.
In a blog post, Mozilla, the organization behind Firefox and other popular open source software, declares that "encryption isn't a luxury -- it's a necessity." And it plays up the importance of projects like Let's Encrypt, a partnership Mozilla helped launch in 2014 to create an open certificate authority for encrypting websites.
It's not too surprising to see an outfit like Mozilla pitching the importance of online privacy. That's a popular thing to say these days. It's also something users want to hear as they report that they are more worried about privacy on the Internet than about keeping their jobs.
But what's interesting in the Mozilla version of the online-privacy spiel is that the organization says code alone is not sufficient. It also calls for a political fight to make sure government agencies don't undercut encryption by engineering ways to read encrypted information.
"As more and more governments propose tactics like backdoors, technology alone will not be enough," Mozilla said. "We will also need to get Mozilla's community -- and the broader public -- involved. We will need them to tell their elected officials that individual privacy and security online cannot be treated as optional. We can play a critical role if we get this message across."
It's worth noting that the political campaign involving encryption is not new. Groups like GNU were railing in the mid-1990s about attempts by the United States to ban encryption software that it could not break, and to prosecute people who exported encryption code abroad.
But the encryption scene today, of course, is far different than it was two decades ago. Enormously greater volumes of data are now stored and exchanged online. And government efforts to undermine encryption technology (as Edward Snowden showed by revealing how the NSA breaks some forms of VPN encryption, for instance) have now become more secretive -- and easier to sell to the public in liberal societies because of newfound concerns about terrorism.
We won't go on record saying that the government should never have the ability to break encryption. But we think this is an issue that, at minimum, deserves a lot more public scrutiny. For that reason, it's reassuring to see Mozilla attempting to bring the debate over encryption back to the fore.