This article is from The Technocrat, MIT Technology Review's weekly tech policy newsletter about power, politics, and Silicon Valley. To receive it in your inbox every Friday, sign up here.

On October 9, I moderated a panel on encryption, privacy policy, and human rights at the United Nations’s annual Internet Governance Forum. I shared the stage with some fabulous panelists including Roger Dingledine, the director of the Tor Project; Sharon Polsky, the president of the Privacy and Access Council of Canada; and Rand Hammoud, a campaigner at Access Now, a human rights advocacy organization. All strongly believe in and champion the protection of encryption.

I want to tell you about one thing that came up in our conversation: efforts to, in some way, monitor encrypted messages. 

Policy proposals have been popping up around the world (like in Australia, India, and, most recently, the UK) that call for tech companies to build in ways to gain information about encrypted messages, including through back-door access. There have also been efforts to increase moderation and safety on encrypted messaging apps, like Signal and Telegram, to try to prevent the spread of abusive content, like child sexual abuse material, criminal networking, and drug trafficking. 

Not surprisingly, advocates for encryption are generally opposed to these sorts of proposals as they weaken the level of user privacy that’s currently guaranteed by end-to-end encryption. 

In my prep work before the panel, and then in our conversation, I learned about some new cryptographic technologies that might allow for some content moderation, as well as increased enforcement of platform policies and laws, all without breaking encryption. These are sort-of fringe technologies right now, mainly still in the research phase. Though they are being developed in several different flavors, most of these technologies ostensibly enable algorithms to evaluate messages or patterns in their metadata to flag problematic material without having to break encryption or reveal the content of the messages. 

Legally, and politically, the space is sort of a hornet’s nest; states are desperate to crack down on illicit activity on the platforms, but free speech advocates argue that review will lead to censorship. In my opinion, it's a space well-worth watching since it may very well impact all of us. 

Here’s what you ought to know: 

First, some basics on encryption and the debate… 

Even if you’re not familiar with exactly how encryption works, you probably use it pretty regularly. It's a technology that uses cryptography (essentially, the math responsible for codes) to basically scramble messages so that the contents of them remain private. Today, we talk a lot about end-to-end encryption, in which a sender transmits a message that gets encrypted and sent as ciphertext. Then the receiver has to decrypt it to read the message in plain text. With end-to-end encryption, even tech companies that make encrypted apps do not have the “keys” to break that cipher. 

Encryption has been debated from a policy perspective since its inception, especially after high-profile crimes or terrorist attacks. (The investigation of the 2015 San Bernardino shooting is one example.) Tech companies argue that providing access would have substantial risks because it would be hard to keep a master key—which doesn’t actually exist today—from bad actors. Opponents of these back doors also say that law enforcement really can’t be trusted with this kind of access. 

So tell me about this new tech…

There are two main buckets of technologies to watch here right now. 

Automated scanning: This is the more popular, and the more controversial. It involves AI-powered systems that scan message content and compare it to a database of objectionable material. If a message is flagged as potentially abusive, tech companies theoretically could prevent the message from being sent or could in some manner flag the material to law enforcement or to the recipient. There are two main ways this could be done: client-side scanning and server-side scanning (sometimes called homomorphic encryption), with the main differences being how and where the message is scanned and compared to a database.

Client-side scanning occurs on the devices of users before messages are encrypted and sent; server-side scanning takes place once the message has been encrypted and sent, intercepting it prior to it reaching the recipient. (Some privacy advocates argue server-side scanning does more to protect anonymity since algorithms process the already-encrypted message to check for database matches without revealing its actual content.)

Cons: From a technical standpoint, it takes a lot of computing power to compare every message to a database before it’s sent or received, so it's not very easy to scale this tech. Additionally, moderation algorithms are not perfectly accurate, so this would run the risk of AI flagging messages that are not problematic, resulting in a clampdown on speech and potentially ensnaring innocent people. From a censorship and privacy standpoint, it’s not hard to see how contentious this approach could get. And who gets to decide what goes on the database of objectionable material?

Apple proposed implementing client-side scanning in 2021 to crack down on child sexual abuse material, and quickly abandoned the plan. And Signal’s president Meredith Whittaker has said “client side scanning is a Faustian bargain that nullifies the entire premise of end-to-end encryption by mandating deeply insecure technology that would enable the government to literally check with every utterance before it is expressed.”

Message franking and forward tracing: Message franking uses cryptography to produce verifiable reports of malicious messages. Right now, when users report abuse on an encrypted messaging app, there is no way to verify those reports because tech companies cannot see the actual content of messages, and screenshots are easily manipulated.

Franking was proposed by Facebook in 2017, and it basically embeds a tag in each message that functions like an invisible electronic signature. When a user reports a message as abusive, Facebook can then use that tag to verify a reported message has not been tampered with.

Forward tracing builds off message franking and lets platforms track where an encrypted message originated. Often, abusive messages will be forwarded and shared many times over, making it hard for platforms to control the spread of abusive content even if it has been reported by users and verified. Like message franking, forward tracing uses cryptographic codes to allow platforms to see where a message came from. Platforms could then theoretically shut down the account or accounts spreading the problematic messages.

Cons: These techniques don't actually enable tech companies or authorities to have increased moderation power in private messages, but they do help make user-centric and community moderation more robust and offer more visibility into encrypted spaces. However, it’s not clear if this approach is actually legal, at least in the US; some analysis has suggested it may break US wiretapping law.

What's next?

For now, none of these technologies seem ready to be deployed from a technical standpoint, and they may be on shaky ground legally. In the UK, an earlier version of the Online Safety Act actually mandated that encrypted messaging providers deploy these sorts of technologies, though that language was removed last month after it became clear that this technology wasn’t ready. Meta plans to encrypt Facebook Messenger by the end of 2023 and Instagram direct messages soon after, so it will be interesting to see if it incorporates any of its own research on these technologies.

Overall and perhaps unsurprisingly given their work, my panelists aren’t too optimistic about this space, and argued that policy conversations should, first and foremost, focus on protecting encryption and increasing privacy. 

As Dingledine said to me after our panel, “Technology is a borderless place. If you break encryption for one, you break encryption for all, undermining national security and potentially harming the same groups you seek to protect.”

What else I’m reading

• The challenges of moderating encrypted spaces came into sharp view this week with the horrors in Israel and Palestine. Hamas militants have vowed to broadcast executions over social media and have, thus far, been heavily using Telegram, an encrypted app. Drew Harwell at the Washington Post explains why this type of violent content might be impossible to scrub from the internet. 
• An essential front of the US-China tech war has been the struggle for control over advanced computing chips needed for artificial intelligence. Now the US is considering finding ways to blockade China from advanced AI itself, writes Karen Hao in the Atlantic.
• A damning new report from an oversight group at the Department of Homeland Security found that several agencies, including Immigration and Customs Enforcement, Customs and Border Protection, and the Secret Service, broke the law while using location data collected from apps on smartphones, writes Joe Cox in 404 Media.

What I learned this week

Meta’s Oversight Board, an independent body that issues binding policies for the tech company, is working on its first deepfake case. It has reportedly agreed to review a decision made by Facebook to leave up a manipulated video of President Joe Biden. Meta said that the video was not removed because it was not generated by AI nor did it feature manipulated speech. 

“The Board selected this case to assess whether Meta’s policies adequately cover altered videos that could mislead people into believing politicians have taken actions, outside of speech, that they have not,” wrote the board in a blog post.

This means that the board is likely to soon reaffirm or make changes to the social media platform’s policy on deepfakes ahead of the US presidential election, which could have massive ramifications over the next year as generative AI continues to steamroll its way into digital information ecosystems.