E2EE: Stuck Between a Rock and a Hard Place

Moderator

  • Christian Wiese Svanberg

Speakers

  • Scott Charney
  • Susan Landau
  • Christine Runnegar

Organisation: Microsoft

Room: Grand Hall Online

Timing: 16:00 - 17:15 on 27 January 2021

For more than two decades, the debate over End-to-End (E2E) Encryption has defied simple solution. The deployment of E2E encryption impacts a range of complementary and competing interests, including privacy, security, civil liberties, national security, public safety, and ICT innovation. While societies often seek policy solutions that balance such competing interests, encryption technology is, in a word, binary: E2E encryption is either breakable or it is not. As such, its use – or its restriction – will affect important societal values in ways both good and bad. And since governments often have different agencies and individuals addressing these values (e.g., privacy/data commissioners, law enforcement personnel), they may offer conflicting guidance on the way forward, thus highlighting the need for better communication and coordination between those interested in E2E encryption, including representatives from government, private companies, academia, and civil society. The panel will frame and discuss the fundamental dilemmas this complex gives rise to.

• Encrypted devices and encrypted communications present different problems to law-enforcement investigations and different challenges in terms of ensuring security to the public. Of the most serious illegal activity that occurs online, do encrypted devices or encrypted communications present the greatest difficulty to law enforcement? What are the types of threats posed? What solutions do researchers and industry propose for enabling law-enforcement investigations?
• How do we ensure public safety, national security, and privacy when much of our economic, business, and social activity has moved online?
• Aside from access to encrypted communications and locked devices, what tools and techniques are needed by law enforcement agencies to conduct investigations in a digital world?
• How can we find a coordinated approach between lawmakers, companies, and academia to come up with an alternative to the “going dark debate” that serves all parties?

Moderator

Christian Wiese Svanberg

Danish Police (DK)

Christian Wiese Svanberg is the Chief Privacy Officer and DPO of the Danish Police. Since 1 January 2019 he has also been the DPO of the Danish Passenger Information Unit established under the PNR Directive. He is a delegate to the EU Council DAPIX working group and represented Denmark in the European Commission’s High Level Expert Group on Information Systems and Interoperability.
In 2012 he co-chaired the first six months of the DAPIX negotiations of the GDPR and Law Enforcement Directive. Previous employments include the Danish Data Protection Agency, The Ministry of Justice and as an attorney-at-law at Plesner Law Firm, Copenhagen.
Christian is an external lecturer in European Data Protection Law at the University of Copenhagen Law School.

Speakers

Scott Charney

Microsoft (UK)

Mr. Scott Charney is Vice President for Security Policy at Microsoft, working with public and private sector organizations to develop and implement strategies to help secure the IT ecosystem. Prior to working at Microsoft, Mr. Charney served as chief of the Computer Crime and Intellectual Property Section (CCIPS) at the U.S. Department of Justice (DOJ) where he was responsible for implementing DOJ’s computer crime and intellectual property initiatives. He served three years as chair of the G8 Subgroup on High-Tech Crime, was vice chair of the Organization of Economic Cooperation and Development (OECD) Group of Experts on Security and Privacy, and led the U.S. Delegation to the OECD on Cryptography Policy.

Susan Landau

Tufts University (US)

Susan Landau is Bridge Professor in Cyber Security and Policy at The Fletcher School and the School of Engineering, Department of Computer Science, Tufts University and Visiting Professor, Department of Computer Science, University College London. Landau works at the intersection of cybersecurity, national security, law, and policy. Landau's new book, People Count: Contact-Tracing Apps and Public Health, will be published in April 2021. She has also written extensively on cryptography policy, wiretapping, and surveillance, and has testified before Congress and frequently briefed US and European policymakers on encryption, surveillance, and cybersecurity issues.

Christine Runnegar

Internet Society (AU)

Christine Runnegar is Senior Director, Internet Trust at the Internet Society, which advocates for policies that support an open, globally-connected, secure and trustworthy Internet. With a background in regulatory litigation and an international outlook, Christine complements her privacy and security expertise with a deep appreciation of technology. Christine co-chairs the W3C Privacy Interest Group (PING), has served as a member of ENISA’s Permanent Stakeholders Group, and currently serves on the Board of the Internet Security Research Group (ISRG), the home of the Let’s Encrypt certificate authority.