Looking for some light through the lens of “cryptowar” history: Policy options for law enforcement authorities against “going dark”

As companies and end-users increasingly deploy end-to-end encryption, law enforcement and national security agencies claim they “go dark”, i.e. lose in practice the power to legally intercept and gain access to information and communications. This has revived a debate that seemed closed by the late 1990s, namely whether backdoors should be embedded in encryption systems. This paper provides a historical overview of the policy debates surrounding encryption, to identify the potential regulatory options for policy-makers, based on the lessons that can be learned from “cryptowar” history. We discuss the First Cryptowars (1990s, focusing on backdoor schemes), the Interbellum (featuring a rise in powers to order decryption), the Second Cryptowars (2010s, renewed backdoor discussions) and their aftermath: the newly emerging battlefield of legal hacking. The latter can be seen as a condition for the truce with which - for now - the Cryptowars seem to have ended. Cryptowar history teaches us that the two main policy options for decryption by government agencies - ensuring access to keys ex ante (backdoors) or ex post (decryption orders) - both suffer from fundamental flaws. Therefore, legal hacking powers - if human rights standards are sufficiently taken into account - could be the only realistic policy option to preserve some light in an era of dark communication channels.