United Nations says encryption and anonymity online are human rights that must be protected

The UN say governments need to justify any actions that endanger the anonymity of their citizens' digital presence (iStock)

The United Nation's Office of the High Commissioner for Human Rights has released a new report that says the ability to encrypt one's personal data and communications online are basic human rights.

"Encryption and anonymity, and the security concepts behind them, provide the privacy and security necessary for the exercise of the right to freedom of opinion and expression in the digital age," writes author David Kaye, a special rapporteur who will be presenting the paper to the UN Human Rights Council in June.

"Such security may be essential for the exercise of other rights, including economic rights, privacy, due process, freedom of peaceful assembly and association, and the right to life and bodily integrity."

Advertisement

The report comes amid a growing debate around the world about how much access governments should be able to have to citizens' private data, which authorities claim they need in order to protect their nation from terrorist attacks like the 9/11 bombings.

NSA's user of backdoors to access encrypted data

Edward Snowden turned whistleblower in 2013 when he leaked multiple documents revealing that the NSA and its UK cousin GCHQ had been spying on the internet communications of millions of people around the world, as well as monitoring phone conversations in the US and tapping the phones of foreign politicians.

The revelations showed that the NSA and the US government had been bullying tech companies to give them a "backdoor" into their products so that they could access encrypted data about citizens, for example, reading Gmail emails or Facebook communications.

It also came to light in 2014 that the US government not only forbid the tech companies from letting their users know that they were being spied on, but the NSA also distributed malware pretending to be Facebook to spy on users.

"States should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows," Kaye adds in the report.

The US government claimed in a recent interview with The New York Times that it is essential for its intelligence agencies to have access to encrypted data, otherwise the government would be "playing Russian roulette with national security".

Spying on citizens, or preventing a loss of life?

Kaye recognises that this can be a difficult issue for governments, who claim that spying on telecommunications and internet communications have enabled them to foil many terror plots, but he stresses that the state has to protect their citizens' freedom of expression as much as possible, while still preventing "violations of the right to life".

Advertisement

"In such situations, states must demonstrate that general limitations on the security provided by encryption would be necessary and proportionate," he writes.

"States must show, publicly and transparently, that other less intrusive means are unavailable or have failed and that only broadly intrusive measures, such as backdoors, would achieve the legitimate aim."

Kaye says that while the law in many European countries currently mandates that encryption keys must be disclosed to the government, judicial oversight is needed and the government should need to prove in court why it definitely requires the key in order to decrypt a specific citizen or group's information, rather than just indulging in mass surveillance.

By intentionally compromising the encryption of their citizens, a government "weakens everyone's security online", and this must be prevented.

© Copyright 2017 IBTimes Co., Ltd. All Rights Reserved.