Uncrackable Encryption Likely Demanded by Big Businesses: Phones They Own Could Be Listened to by Competing Businesses
» Email someone you know about this article.
Recent news reports about encryption on common devices, like smartphones, said some of it is so strong that law enforcement agencies were unable to crack it without manufacturers’ help and maybe even with manufacturers’ help. That help was denied or impeded. Access was delayed until a third party found a way in. Those reports focused on consumers’ demands for privacy, but most consumers can have full privacy with less than completely uncrackable encryption, because most consumers are not interesting enough to attract expensive high-level efforts at cracking their security, although not all consumers can tell if they’re of sufficient interest.
But unbreakable encryption is demanded for another large reason.
Businesses in Competition
The reports left out, I think, a major reason why the manufacturers did not want the encryption broken: Many of their larger customers are businesses who buy devices by the tens of thousands each, every year. Those business customers not only don’t want anyone cracking the security on the devices they use but do want to know what their competitors are up to. That’s almost a contradiction but never mind: Large businesses don’t want to be spied on by other businesses.
They use the services of private investigators who deliver results and who may prefer that they not be asked questions that might need sensitive answers revealing how they acquired the information their business clients want. They likely have cover stories but close questioning might break them. It is common practice that businesses find hidden listening devices in hotel rooms during major conferences. It’s often not clear how the listening devices got there; they could be from a previous event or could have been placed as a joke by hotel staff, but a common suspect is a competitor, who could readily hire a private investigator or hotel staff member to plant listening devices about as easily as another investigator could find them. I read once of Bill Gates having been advised to have an innocuous conversation with someone else while an investigator searched for, and found, hidden listening devices in a hotel room.
One may assume that large businesses will expect their employees to keep their productivity up, including by staying on top of technological developments that will help keep their productivity up. Therefore, not only will corporate communications technology departments want to keep high-quality security on their telephones, but corporate competitive intelligence activities will look for ways to listen in on competitors without any embarrassing discoveries by competitors catching them illegally listening. Competitors can be so touchy. Sometimes, they sue.
Businesses, therefore, will be happier buying their devices from manufacturers who can deliver strong encryption with those devices, especially if all else is equal.
Cracking Their Own Security
Another problem arises, though, if encryption is so strong that companies can’t crack the security on their own devices. Someone could send a vital message into such a device but the company fails to retrieve it in time and a dangerous consequence follows. Or someone could plan a crime by sending a message stating the plan and the company (other than possibly the immediate recipient) does not know and so does not act to prevent the crime. Legally, the company may be held liable for having known about the planned crime because the plan was sitting on their device, even though no human eyes (other than the sender’s) saw the plan. A similar legal outcome could attend an injury the company could have prevented had the company retrieved, on time, the warning on its device.
Probably, though, businesses deal with those risks the way they deal with other risks of unpreventable and irreparable major harm. Namely, they hire only people they trust, especially for the highest positions. Therefore, they likely prefer uncrackable security to security that competitors could crack. Thus, they will generally support device manufacturers’ offering uncrackable security.
Absolute Uncrackability or Almost Good Enough
Whether the encryption is absolutely uncrackable or merely uncrackable within the next century or so is probably not critical for these purposes. However, while absolutely uncrackable systems for long content can stay uncrackable, those that supposedly cannot be cracked for centuries are that way in the context of expert predictions about future technology, and breakthroughs or reconceptualizations of technology may induce changes in those predictions, often to shorter time frames.
Sometimes, a government keeps messages they’d like to be able to crack in the future, even if they can’t crack them yet. Nothing much bars a private entity from doing likewise.
Governments Perhaps Spying For Businesses
What’s safe is that business information collected by law enforcement and national security agencies pursuant to criminal and national security investigations and warrants in some nations is probably not being shared with competitors, the main exception being trade secrets during court proceedings, and a recent court case may have shown that even that exception may not be much of a risk any longer. While such improper revelations would presumably be secret, if they had been happening on a substantial scale over the years, at least some significant cases of it likely would have been publicly revealed by now, and as scandals. I don’t think it has been reported, so it’s probably not happening.
However, that leaves open some international risk, as some reporting says that not all governments are as scrupulous, the People’s Republic of China having been one nation with sharing of information gleaned for a national security purpose with domestic business that was competing with non-Chinese businesses. A multinational business may have its information exposed to a nation that shares even if its main operations are in a nation that does not. Thus, the multinational may reasonably be concerned and may demand a high level of privacy on its communications, including uncrackable encryption.
No End in Sight
Some of the business customers are large and powerful. Some of the device builders are, too. The struggle between the commercial side and the government side, and the cooperation, will continue.
