►
From YouTube: Day 2: Encryption and You How the Internet Society Community Stands Up for Strong Encryption
Description
This session looks at what is at stake in the global encryption debate, what some of the threats to encryption are, and how you can join the effort to promote and defend strong encryption. As part of the discussion, members of the Internet Society and Global Encryption Coalition communities will outline how they advocate for strong encryption around the world, and how you can too.
Speakers: Prasanth Sugathan, Apar Gupta, Amrita Choundhury, Neeti Biyani
A
Of
the
recent
years
we
have
seen
how
from
the
technology,
which
was
mostly
used
by
the
military,
then
by
the
private
sector,
it
has
gone
mainstream
where
people
have
started
using
encryption
even
often
annoyingly.
For
example,
when
you
send
a
message
on
whatsapp,
most
people
won't
even
know
that
it
is
end-to-end
encrypted.
So
that
is
how
it
has
become
very
easy
to
use
for
the
common
man.
The
technology,
which
was
restricted
to
military
use
have
now
become
such
common
place
that
everyone
can
easily
use
it
now,
that
is
where
the
concerns
have
started.
A
I
mean
coming
from
the
government
of
other
sources,
etc.
For
example,
in
india
we
have
seen
a
few
parliamentary
committees
coming
up
with
strange
ideas.
One
there
was
a
committee,
the
rajya
sabha
committee,
which
thought
that
would
control
child
sexual
abuse
material
being
circulated.
A
There
should
be
a
provision
to
trace
back
messages,
and
that
is
the
that
is
what
has
been
incorporated
in
the
new
it
rules.
The
information
technology
rules
related
to
intermediaries,
which
provides
for
traceability
of
messages
even
end-to-end,
encrypted
messages
like
whatsapp
there's
another
committee,
which
has
even
proposed
the
idea
of
banning
bps.
A
A
I
I
can't
I'm
not
sure
how
can
even
someone
think
of
banning
something
like
a
vpn,
I
mean
nothing
has
happened
yet
thankfully,
but
this
is.
These
are
the
kind
of
strange
ideas
which
often
come
from
parliamentarians
from
lawmakers,
mostly,
maybe
because
there's
a
lot
of
technology
behind
this
most
people
may
not
understand
what
really
is
done
by
the
technologies
like
encryption.
How
important
that
is,
for
people
to
let's
say,
go
get
on
with
their
normal
lives.
A
I
would
suggest
that,
for
example,
in
india,
the
supreme
court
has
held
in
the
bhutan
zombie
judgement
that
the
right
to
privacy
is
a
fundamental
right,
but
we
have
approached
the
high
court
in
kerala
as
the
fact
finally
approach
the
high
court
in
kerala,
seeking
that
the
right
to
encrypt
also
has
to
be
held
to
be
a
subset
of
right
to
privacy.
A
A
They
don't.
These
applications
also
are
end-to-end
encrypted.
There
are
applications
like
metrics
again
signal
is
essentially
a
free
software
application,
and
most
of
these
people
may
not
have
the
resources
to
fight
the
government
and
when
you
have
something
like
traceability
being
imposed.
So
that
is
why
we
had
approached
the
high
court.
The
matter
is
still
pointing.
Most
of
these
matters
could
end
up
in
the
supreme
court
that
transfer
petition
is
being
filed,
but
there,
along
with
the
right
to
or
entered
what
we
are
asking
for,
is
what
we
are
challenging.
A
So
these
are
the
kind
of
things
which
are
happening
where
encryption
has
become
so
much
a
part
of
our
lives
so
much
a
part
of
our
communications,
ensuring
that
we
can
communicate
safely.
We
can
communicate
privately
with
our,
maybe
colleagues,
with
the
case
of
journalists
with
their
sources
etc,
and
that
is
being
attacked
by
governments
across
the
world.
A
For
example,
the
five
wise
countries,
along
with
india
and
japan,
had
returned
asking
for
companies
to
provide
for
back
doors,
so
that
exactly
is
the
problem
where,
if
you
are
providing
for
a
bank
door,
the
battery
is
not
just
for
the
government,
it
could
also
be
for
other
bad
actors
once
he
opens
up
something.
You
can't
say
that
it
will
be
restricted
only
for
the
government
and
again,
as
was
recently
seen
in
india
in
the
case
of
use
of
the
gases,
a
military
grade,
spider
by
the
gun,
most
probably
by
the
government.
A
B
Thank
you.
Thank
you
so
much
prashanth
and
I
think
we'll
definitely
want
to
come
back
to
you
know
what
you
mentioned
about
right
to
encrypt
and
with
that
could
I
now
request
amrita
to
please
give
us
her
initial
remarks.
C
So
hi
everyone
and
glad
to
be
here,
I
think
prashanth
laid
it
out.
Niti
obviously
gave
the
background
and
prashant
said
most
of
the
things.
Perhaps
we
may
want
to
to
have
said,
but
you
know
taking
a
cue.
I
look
at
it
from
the
apac
level
also
and
how
you
know
things
are
developing,
as
in
most
governments
today
are
of
are
thinking
that
perhaps
getting
access
to
encrypted
devices
is
going
to
solve
most
of
the
issues
and
governments
all
across
you.
Look
at
australia
with
their
tola.
C
Japan
is
also
starting
to
speak.
You
look
at
europe,
you
look
at
even
canada,
trying
to
speak
belgium
having
something
as
in
everywhere.
Governments
are
trying
to
kind
of
look
at
the
option
of
you
know
having
some
access
to
encrypted
data.
The
narrative
today
is
security
versus
privacy,
whereas
these
are
not
exclusive
things,
it
is
just
not
about
you
know.
The
conversation
goes
into.
Is
national
security
more
important
or
individual
rights,
but
it
is
just
not
about
individual
rights.
C
It
is
also
about
economies,
as
in
like
prashanth,
was
saying
that
it
is
just
not
being
used
by
governments.
It
is
being
used
by
businesses
and
when
we
look
at
businesses,
it's
just
not
the
big
companies.
There
are
small
companies
too,
who
are
catering
to
others.
We
can't
just
let
the
narrative
be
with
big
companies
and
the
and
the
conversation
is
going
to
the
content.
C
It
is
content
related.
What
content
is
flowing,
whether
it
is
misinformation,
whether
it
is
csam
content,
whether
it
is
terrorist
content
for
that
matter?
So
and
not
all
these
issues
can
be
solved
by
technology,
because
these
are
social
issues
and
they
have
to
be
looked
at
and
dealt
with
with
a
social
angle.
Also,
of
course,
technology
has
a
role,
but
it
cannot
be
technology
which
can
prevent
a
lot
of
harms
which
are
happening.
C
So
this
is
something
which
needs
to
be
seen
the
economic
loss
or
the
loss,
which
is
happening
if
we
break
the
encryption,
the
trust
which
we
lose,
the
security
which
we
lose,
which
prashanth
was
also
elucidating
to
that.
If
you
break
something,
it
will
give
access
to
other
people,
also
whom
you
don't
want
them
to
access.
That's
important.
Like
you
know,
the
narrative
today
is
csam
attack
against
women
or
harassments,
etc.
Terrorist
contents,
fake
news-
and
these
are
genuine
issues
as
in
no
one
denies
it,
but
is
breaking
encryption.
C
The
only
way
to
stop
this-
I
guess
most
of
us
in
the
panel,
don't
believe
that
is
the
way
and
many
people
don't
so
these
are
certain
things
which
needs
to
be
looked
at,
and
perhaps
you
know
just
recently
for
the
igf.
We
had
a
preparatory
phase
where
we
were
discussing
trust
security
and
there
was
an
interesting
conversation
which
someone
mentioned,
that
I
think
we
we
need
to
go
deeper
into
the
encryption
issue
as
in
what
encryption
is
and
how
encryption
should
look
like.
Have
smaller
companies
also
implement?
C
You
know
these
best
practices
and
not
only
implementation
but
advocacy
and
others
and,
let's
you
know,
speak
about
it
more
and
and,
as
you
know,
what
you
have
been
mentioning
niti,
it
is
important
to
get
people
into
the
conversation
governments.
Obviously
there
has.
There
is
a
need
for
capacity
building
at
different
levels
to
understand
issues.
We
also
have
you
know:
common
man
may
not
think
of
encryption
as
such,
but
everyone
is
using
banking.
Everyone
is
using
other
things.
Even
you
know,
buying
things
for
that
matter.
C
They
may
not
all
go
to
amazon,
they
may
go
to
smaller
platforms.
Also,
we
need
safety
on
the
internet.
We
don't
want
things
to
be
snooped
at
or
surveilled
always.
You
know
so,
and
everything
is
not
bad
happening
on
the
internet.
Just
for
a
ten
percent
or
one
percent
bad
actor.
You
can't,
you
know,
have
a
surveillance
regime,
so
I
think
we
need
to
have
more
conversation.
There
are
great
capacity
building
initiatives
with
gc
and
others.
Everyone
is
doing.
Sfnc
is
doing.
C
Iff
is
doing,
I
think,
and
there
are
collaborations
happening
and
it
has
to
magnify
at
different
levels.
So
I'll
stop
here.
B
Thanks
so
much
amrita
and
also
you
know
great
that
you
brought
in
the
technical
aspects
as
well
as
the
constitutional
aspects
vis-a-vis,
how
we
think
about
encryption,
and
I
think
on
that
note
you
know
on
that
note
of
what
this
means
for
us
legally
as
citizens
I'll
turn
to
apar
from
internet
freedom
foundation
apart.
If
you
could
give
us
your
initial
remarks,
please.
D
And
my
marks
will
be
focused
primarily
on
india
and
the
large
trends
which
we
are
seeing,
which
underpin
the
what
is
called
ongoing
encryption
debate.
So
the
first
trend
which
we
have
seen,
which
is
necessary
for
a
lot
of
people
in
the
apac
region
to
consider
is
the
large
level
of
digitization
taking
place
in
india,
which
is
underpinned
by
encryption
by
itself.
D
So,
while
a
much
more
popular
use
case
is
instant
messaging
applications
which
utilize
end-to-end
encryption,
which
means
that
the
message
in
transit
is
encrypted
encryption
at
rest,
which
is
that
personal
information,
especially
sensitive
personal
information,
which
may
be
related
to
people's
education
or
people's
medical
records,
family,
etc,
is
also
gathered
with
a
greater
granularity
by
certain
by
several
state
agencies
in
a
process
of
rapid
digitization.
D
These
include
agencies
of
the
central
government
and
state
government,
beyond
which
this
level
of
digitization
is
also
leading
to
a
lot
of
technology
based
businesses,
which
are
adopting
encryption
as
a
method
of
cyber
security
implemented
by
them.
So
what
you
see
is
a
large
amount
of
embrace
and
adoption
of
the
encryption
technology
itself,
and
this
is
important
to
consider.
D
The
second
is
that
the
number
of
users
for
internet
in
india
has
shot
up
tremendously
due
to
the
relatively
cheap
rates
of
data,
so
there's
an
increased
amount
of
activity
which
is
commensurate
with
these
systems,
which
are
developed,
which
are
utilizing
encryption.
So
it's
not
only
that
the
system
is
there.
D
If
you
look
at
the
reports
which
are
put
out
by
the
telecom
regulatory
authority
of
india
or
which
are
put
out
on
an
annual
basis
by
the
department
of
telecom,
it
evidences
that
this
sharp
increase,
in
fact,
is
concentrated
in
certain
metropolitan
cities,
where,
in
fact,
for
every
100
people,
for
instance
in
delhi,
there
may
be
more
than
one
connection
there
may
be,
potentially
even
more
than
two
connections
per
person
in
delhi.
D
For
instance,
under
the
information
technology
act,
you
have
a
specific
provision
relating
to
the
central
government's
powers
to
define
what
are
the
standards
which
can
be
adopted
with
respect
to
encryption.
D
D
With
regard
to
encryption
technology
which
articulates
itself
in
terms
of
demands
for
bad
goals,
it's
also
necessary
for
us,
as
people
who
are
working
in
the
area
of
cyber
security,
as
well
as
pushing
towards
norms
to
push
for
a
more
more
legal
recognition
of
the
adoption
of
the
legal
of
of
the
adoption
of
encryption
itself
to
match
pace
with
the
increased
usage
in
people's
personal
and
professional
lives.
D
The
second,
the
third
large
trend
which
evidences
these
injuries,
which
has
been
briefly
adverted
by
prashant
in
his
initial
remarks
and
by
amrita,
is
what
is
called
as
the
concept
of
traceability.
And
this
is
another
large
trend
which
evidences
frequent
regulatory
tussles
which
have
taken
place
in
the
past.
This
is
evidenced
either
through
the
government's
demand
from
blackberry
to
store
local
keys
in
india,
which
was
a
historic
demand
years
ago.
D
I
think
in
2009
to
2012,
which
was
one
of
the
higher
points
of
how
this
kind
of
regulation
may
have
been
necessary
or
may
have
been
the
notification
of
certain
decryption
powers,
which
was
specifically
provided
under
the
information
technology
act,
but
have
they
found
the
most
concerning
provision
under
the
traceability
requirement,
which
is
under
rule
4-2
of
the
I.t
rules
made
on
february
25th
2021
this
year.
I'll
just
read
it
out
briefly,
for
the
benefit
of
the
audience
in
the
apac
region
may
not
know
it.
D
It
states,
and
I'm
starting
right
now
quote
a
significant
social
media
intermediary,
providing
services
primarily
in
the
nature
of
messaging,
shall
enable
the
identification
of
the
first
originator
of
the
information
on
its
computer
resource
as
may
be
required
by
judicial
order
passed
by
a
court
of
competent
jurisdiction
for
a
order
passed
under
section
69
of
the
competent
authority,
as
per
the
information
technology
procedure,
safeguards
for
interception,
monitoring,
decryption
rules,
2009
end
of
quote.
It
further
provides
and
I'm
again
reading
from
this,
or
is
that
that.
D
That
provided
also
that
in
complying
with
the
order
for
identification
of
the
first
originator,
no
significant
social
media
intermediate
shall
be
required
to
disclose
the
contents
of
any
electronic
message.
Any
information
related
to
the
first
one
originator
or
any
information
related
to
its
users.
Now
there
is
a
seeming
contradiction
here
where
the
government
is
trying
to
indicate
that
it's
not
interested
in
the
actual
content
of
the
message,
but
at
the
same
point
in
time,
wants
to
identify
who
sends
the
first
message
on
a
instant
messaging
platform.
D
The
underlying
basis
of
this
emerges
from
a
social
alarm
or
a
social
panic,
which
was
inspired
around
reports
of
a
child
objection
leading
to
lynching
in
several
parts
of
india,
which
was
being
reported
quite
actively
by
in
media
reports
by
the
press,
and
it
was
being
said
that
this
was
facilitated
through
instant
messaging,
which
was
enabled
through
the
internet,
which
utilized
end-to-end
encryption
and
prevented
law
enforcement
from
identifying
who
was
composing
the
child
abduction
rumors
in
the
first
place.
By
itself.
D
However,
we
have
seen
over
a
period
of
time
and
deeper
levels
of
examination
have
shown
that
it
was
not
encryption,
which
was
at
fault,
and
even
the
solutions
which
are
proposed
do
not
lead
to
the
outcomes
of
identification
of
the
first
originator.
Given
that
you
just
need
to
change
the
capitalization
of
a
message,
a
small
punctuation
or
or
even
changing
the
or
inserting,
an
image
in
it
which
can
result
in
the
information
being
identified
as
fresh
information,
thereby
there
being
a
fresh
originator
for
each
message
by
itself
beyond
all
these
technicalities.
D
Really.
I
just
like
to
end
by
saying
my
initial
remarks
by
saying:
there's
a
large
amount
of
digitization
or
adoption
of
encryption,
it's
being
used
for
ensuring
safety
and
privacy
for
people
both
by
government
as
well
by
the
private
sector.
There's
the
absence
of
definition
of
norms
and
legal
standards.
How
and
when
it
can
be
used.
It's
fairly
spread
off
all
across
the
place
and
at
the
same
point
in
time
you
see
these
regular
arguments
without
a
well
substantiated
basis
that
we
need
to
break
encryption.
D
Build
back
those
or
you
need
to
add
a
traceability
in
end-to-end
encryption,
which
is
when
the
message
is
being
transmitted
so
law
enforcement
can
identify
people
who
send
messages
over
it,
which
would
undermine
privacy
but
also
does
not
satisfy
the
purposes
of
law
enforcement
itself.
Thank
you
so
much
for
having
me
and
look
forward
to
further.
B
Thank
you
so
much.
Thank
you
so
much
prashanth
for
all
of
your
opening
remarks.
I
think
I've
heard
very,
very
interesting
things
and
I'd
like
to
specifically
ask
all
of
you.
You
know
considering
you've
been
advocates.
Such
active
advocates,
for
you
know
an
open,
strong,
globally
connected
internet
that
you
know
in
very
many
ways,
does
rely
on
encryption
to
keep
us
all
safe.
What
are
some
of
the
things
that
you
know
you've
seen
through
your
journeys
of
organizing
mobilizing,
advocating
that
you
would
want
to
recommend
to
our
community?
B
A
Okay,
I'll
start
with
the
comment
made
by
a
parliamentarian
who
was
part
of
an
event
that
we
conducted
with
held
on
encryption.
A
So
his
remark
was
that
okay,
you
discussed
so
much
about
encryption,
so
much
about
the
I.t
rules,
but
unless
this
is
mainstream,
unless
this
is
something
which
is
going
to
affect
my
electorate,
unless
it's
going
to
affect
my
voting
the
way
people
vote,
I'm
not
going
to
do
anything
about
it.
So
that
was
the
message.
The
problem
is
that
this
discussions
that
we
have
about
education
is
so
high
and
so
is
votering,
so
people
can't
even
relate
to
it.
A
So
if
you
really
want
to
make
a
campaign
out
of
it,
you
need
to
also
make
it
easy
for
people
to
understand,
but
that
is
what
we
are
trying
to
do
during
that
discussion.
To
have
discussions
with
journalists
make
it
easy
for
people
to
understand
the
whole
issue.
I
mean
when
you
discuss
admission
end-to-end,
you
lose
the
half.
A
Your
audience
is
there,
so
unless
we
have
a
big
community,
whether
it's
the
free
software
movement,
whether
it's
the
big
internet
society,
community
etc,
that's,
I
think,
that's
what
all
of
us
should
try
to
do,
make
it
easy
for
people
to
others
to
make
it
easy
make
them
realize
why
this
discussion
is
important.
A
We,
as
I
mean
often
start
with
this
counter
coming
from
various
sources,
that
again
we're
not
that
much
bothered
about
privacy.
Privacy
is
only
going
to
affect
people
who
have
something
to
let's
say
hide.
That's
the
first
response
that
we
often
get.
I
think
we
have
traveled
a
lot
from
that
area
at
these.
People
are
now
concerned
about
privacy.
A
Otherwise
we
used
to
get
this
messaging,
often
that
okay,
we're
not
that
important
with
privacy.
I
think
the
same
issue
with
encryption
when
we
are
going
to
discuss
so
unless
we
make
it
easy
for
people
to
understand,
make
it
easy
for
even
parliamentarians
to
understand
tell
them
why
this
is
important
for
your
industry,
for
your
economy,
for
citizens
in
general,.
B
Right
so
so,
civic
education
and
capacity
building
are
sort
of
like
the
two
focus
areas
that
you
know,
we've
heard
from
prashanth
about
I'll
move
on
to
amrita.
Maybe
you
know
you've
won
so
many
different
hats
over
the
course
of
your
career
for
for
our
advocates
in
our
community
and
champions
of
the
open
internet.
What
is
it
that
you
would
recommend
we
could
adopt
in
asia,
pacific
specifically
so.
C
You
know
I
plus
plus
what
prashanth
has
said,
I
would
say:
engage,
engage
with
communities
at
all
levels.
As
prashan
said
it
is,
you
know,
with
lawmakers.
You
may
have
to
speak
in
a
different
language
with
you
know
the
parliamentarians
in
a
different
language
with
normal
people,
you
have
to
speak
in
a
different
language,
so
engage
with
people.
Collaborate
as
in
people
are
working.
You
can
join
hands
when
required.
You
can
share
best
practices,
you
have
to
collaborate.
C
Building
capacity,
definitely
is
there
and
like
prashant
said
many
may
not
understand
encryption,
but
people
understand
safety
of
their
data.
For
example,
we
were
doing
a
study
for
the
world
wide
web
a4ai
and
we
were
speaking
to
women,
entrepreneurs,
small,
very
level,
basic
level,
entrepreneurs,
and
so
they
said
that
we
want
even
our
say,
social
media
conversations
or
whatsapp
conversations
to
be
safe.
No
one
should
be
able
to
see
them
or
whatever
we
do
so.
Those
are
inherent
things
which
an
encrypted
message.
You
know
platform
gives
you.
C
They
may
not
understand
the
word
encryption,
but
they
understand
that
they
want
to
keep
themselves
secure.
They
want
to
do
everything
in
a
manner.
So
that's
important:
you
have
to
speak
to
them
in
their
language,
but
obviously
learn
from
others
engage
collaborate
and
yeah
and
keep
on
doing
what
you
are
doing.
If,
once
you
fail,
it
doesn't
mean
you
fail.
You
keep
on
doing
improvise.
D
In
our
work,
what
we've
thanks
so
much
our
what
we've
seen
has
been
particularly
useful,
has
been
a
conversation
with
the
larger
public
about
the
uses
of
encryption,
which
they
actually
don't
realize
and
much
more
tangibly
explaining
how
it's
under
threat-
and
this
needs
to
be
done
by
people
who
are
specialists
in
public
literacy
and
can
involve
in
these
conversations.
D
Quite
often
the
issue
has
been,
for
instance,
even
in
this
conversation
is
that
that
there's
a
format
for
expert-led
conversation
and
quite
often,
experts
in
public
policy
or
law,
are
not
the
experts
for
civic
advocacy
by
itself
for
camp
for
campaigns
by
itself.
D
So
I
would
say
that
the
first
great
learning
which
has
come
through
our
work
and
what
we've
implemented
has
been
that,
like
just
like,
there's
a
difference
between
a
doctor
and
a
lawyer,
there's
also
a
difference
between
a
lawyer
and
a
digital
creator
or
or
a
person
who
can
engage
large
numbers
of
people
using
social
media.
And
quite
often
our
learnings
have
been
that
once
you
do
resource
for
this
over
a
period
of
time,
there's
also
a
large
amount
of
community
questions.
D
Understanding
curiosity,
which
develops-
and
I
think
that's
where
a
larger
amount
of
the
investment
of
resources
need
to
be
made
without
reducing
the
already
existing
commitments,
as
well
as
resources
by
philanthropies
by
institutions
towards
research
and
advocacy
around
the
defense
of
encryption.
Okay,
because
when
that
community
is
engaged
and
knows,
what's
the
value
of
encryption
they'll
be
able
to
speak
up
on
it
rather
than
just
saying,
encryption
is
good
for
you.
We
have
to
explain
that
we
need
to
get
into
that
conversation.
D
The
second
is
that
beyond
these
specialists,
and
specifically
resourcing
for
this
is
to
also
engage
with
the
criticisms
around
encryption.
So
rather
than
just
saying
a
self-evident
truth
that
encryption
is
good
for
us
or
encryption.
D
It
helps
us
keeps
keeps
us
safe
and
private,
thereby
all
other
social
concerns
and
individual
grievances
which
come
through
it
need
to
be
discounted,
is
not
fair.
To
engage
with
it.
Rationally
is
required
quite
often,
and
helps
us
actually
sometimes
uncover
that
the
very
basis
of
the
demands
is
faulty.
For
instance,
the
demand
around
in
the
adding
traceability
to
end-to-end
encryption,
so
the
police
can
catch.
D
A
person
who
is
who's
been
sending
rumors
leading
to
acts
of
violence
is
not
really
well
demonstrated,
because
when
you
go
to
an
expert,
they
will
say
well,
each
message
has
an
independent
value
and
that
value
can
be
changed
with
a
very
small
change
by
itself,
so
engaging
with
the
criticisms,
as
well
as
the
use
cases
around
encryption
which
may
threaten
security
individual
as
well
as
group
and
or
national
security,
is
very
much
necessary,
and
these
are
the
two
things
which
have
come
through
learnings
in
our
work.
B
Thank
you
apar.
So
one
of
the
things
that
I've
been
wondering
about
is
you
know
that
a
lot
of
governments
in
apac
and
more
globally
in
general,
are
adopting
the
stance,
which
literally
sounds
something
like
this.
You
know
because
there
are
sometimes
car
accidents.
Let's
ban
all
cars
from
the
streets,
you
know
so
when
they're
attacking
encryption,
like
that,
it's
it's
the
same
sort
of
line
of
thinking-
and
I
hear
all
of
you
when
you
say
that
we
need
to
engage
at
various
levels.
B
You
know
we
need
to
be
able
to
speak
to
lawmakers
in
a
certain
way,
and
you
know
our
community
and
lay
persons
in
different
ways.
B
My
question
is,
you
know
if,
if
a
particular
country
faces
the
threat
of
a
bill
or
a
policy,
consideration
that
may
threaten
or
or
undermine,
end-to-end
encryption,
especially
for
personal
use,
right,
because
we've
been
seeing
more
and
more
attacks,
especially
on
end-to-end
encryption,
which
ensures
safety
of
data
between
the
intended
recipient,
as
well
as
the
sender.
So
not
even
the
platform
can
see
that
information.
B
So
so
how
would
you
suggest
we
tie
in
a
campaign
that
ensures
that
we
were
able
to
defend
encryption,
especially
for
personal
use
in
that
particular
country?
I
think
I'll
go
first
with
apart.
D
I
think
neeti,
especially
in
countries
in
the
apac
region
or
our
own
learnings
from
india,
has
been
that
any
kind
of
campaign
around
encryption
will
not
be
about
encryption.
You
cannot
defend
technology
as
an
abstract.
You
have
to
make
it
much
more
tangible
to
people
in
terms
of
its
use
cases
and
the
relevance
and
the
value
it
holds
for
them
in
their
daily
lives.
We've
sent
some
amount
of
advertising
around
concepts
of
privacy.
D
How,
when
you
send
a
message
through
end-to-end
encryption,
it
can't
be
read
by
the
platform
itself,
so
zero
knowledge
actually
acts
in
the
best
interest
of
a
person
or
the,
and
these
kind
of
use
cases
need
to
be
then
demonstrated,
rather
than
this
rational
way
of
explanation,
to
explain
to
people
that
you
can
then
chat
with
your
business
partners
in
a
safe
and
secure
environment
by
enabling
certain
technical
controls,
and
that
will
make
a
lot
of
sense
to
people
in
the
daily
and
it
needs
to
be
then
further
broken
down.
D
To
purchase
property
or
to
enter
into
a
share
trade,
this
keeps
your
conversations
private
okay,
so
that
needs
to
be
much
more
fleshed
out.
In
that
way,
I
would
say
it
also
needs
to
be
told
to
people
that
when
you
see
a
padlock
against
your
browser
window
and
you're
entering
your
credit
card
details
or
financial
transaction
data,
what's
keeping
you
safe
is
the
underlying?
D
Is
the
underlying
technology
of
encryption
and
finally
niti?
My
recommendation
is
that
a
lot
of
there's
over
investment
in
communications
and
civic
literacy
in
in
english,
especially
in
india,
which
needs
to
be
much
more
diversified
towards
index
languages,
local
languages,
to
ensure
that
it
is
relatable
and
it
needs
to
be
made
by
creators
in
those
languages
rather
than
a
translation
of
the
english
copy
into
the
local
language?
B
Absolutely
agree
with
everything
you
say,
and
you
know,
plus
one
on
being
mindful
of
the
language
we
communicate
in,
because
you
know
coming
from
india
myself.
I
know
the
dialects
change
at
like
40
50
kilometers
in
this
country.
So
you
know
imagine
the
diversity
of
language
prashanth
I'll,
go
to
you
now
any
sort
of
recommendations
for
our
community
along
these
lines.
A
I
mean
if
you
look
at
the
laws
in
various
countries,
whether
it's
the
I.t
rules
in
india
or
the
a
act
in
australia,
see
when
any
country
come
up
with
such
rules
which
affect
encryption
which
affect
the
way
we
communicate.
This
definitely
will
have
an
impact
on
other
countries.
A
We
definitely
need
to
be
aware
of
what
is
happening
in
other
parts
of
the
world,
and
that
is
where
I
think
we,
as
a
community
need
to
act
together,
be
mindful
of
the
challenges
in
each
jurisdiction
and
work
together
to
I
mean,
have
a
campaign
come
together
and
attack
these
acts?
I
attend
these
legislations,
where
I
require.
B
Thank
you
and
now
finally
to
amrita.
Please.
C
Thank
you
I
see,
plus
for
plus
two
all
what
has
been
said.
I
would
add
to
a
part
like,
as
he
added
the
multilingual
part,
I
would
say,
have
more
videos,
because
people
understand
videos
more.
You
know
when
you
are
talking
to
the
absolute
common
people,
have
more
videos
etc
at
a
higher
level.
C
Perhaps,
as
prashant
mentioned,
having
conversations
you
know
being
mindful
of
what
one
government
does,
because
everyone
copies,
it
is
something
having
more
dialogues
between
the
you
know,
law,
and
you
know,
I
would
say,
the
parliamentarians
or
decision
makers
at
even
an
apac
level
having
more
capacity
building
and
capacity
building
should
not
only
happen
by
lawyers
or
by
you
know,
public
policy
people
there
should
be
technology
people
also
in
the
room
to
explain
things
because
many
times
the
explanations
also
help
in
explaining
that
look.
This
works.
This
doesn't
work.
C
Obviously
the
you
know
it.
The
discussion
has
to
be
more
social,
because
when
normally
the
conversation
comes
as
national
security,
everything
gets
frozen.
It's
you
know
how.
How
will
it
solve
the
national
security
issue
or
how
will
it
solve
a
child?
Sexual
abuse
material
moving
in
a
platform
by
breaking
encryption,
and
will
it
stop
it
completely
or
is
it
a
stop
gap?
C
Can
we
have
more
preventive
measures
taken
or
pre
proactive
measures
taking
to
address
these
social
issues,
so
I
think
we
need
to
have
at
a
higher
level
a
more
conversation
on
what
is
a
social
issue,
how
it
can
be
tackled,
how
technology
can
help
to
tackle
it,
and
I
think
something
which
apart
said
was
very
important-
is
that
you
know
we
also
have
to.
There
are
certain
issues
which
people
are
facing
governments
are
facing,
and
that
is
why
they
are
coming
to
these
kind
of
conclusions.
C
What
are
the
alternatives
need
to
be
reiterated
to
them
that
without
breaking
a
secured
system,
how
can
you
address
these
issues?
I
think
that
also
needs
to
be
those
solutions
need
to
be
given
to
them,
because
today
they
are
just
looking
at
it
as
a
stop
gap.
Treatment
like,
for
example,
we
have
shut
down.
Something
is
not
something
is
happening.
We
shut
down
the
internet,
it's
something
like
that
which
breaking
the
internet
is
happening
at.
So
I
think
the
conversations
have
to
happen
in
those
ways
more
conversations,
perhaps
having
more
legislators
coming
in.
C
B
Thank
you.
Thank
you.
So
much
everyone.
We
have
a
question
from
the
audience
and
I'm
also
mindful
of
time.
We
have
about
three
minutes
left
on
the
panel.
The
question
is
from
narsimhan
srinivasan
lakshmi
they're
asking.
Is
there
a
level
of
grading
of
encryption
to
denote
that
it
is
100,
secure
or
variations
thereof?
This
would
help
users
to
choose
the
platform
and
products.
B
So
can
I
qualify
this
before
I,
you
know
open
it
up
to
all
of
you
that
we're
we're
not
only
just
considering
encrypted
messaging
services.
We
are
even
considering
encryption
on
email,
for
example,
right
so
encryption
on
various
sorts
of
communication
and
services
that
we
avail.
So
can
I
go
to
amrita
first,
we'll
quickly
get
your
thoughts
in
like
30
seconds.
Maybe.
D
Sure
so
I'm
not
available.
I'm
not
aware
of
existing
gradations
or
certification
for
different
kind
of
encryption
protocols.
It
will
depend
both
on
the
protocol
by
itself
the
customizations
which
are
made
in
terms
of
the
implementation
of
that
protocol,
because
there'll
be
deviations
which
are
made
in
its
implementation
and
further
beyond
that.
It
will
also
depend
then,
on
the
bit
length.
D
People
are
bit
focused
on
that
and
it
will
need
to
be
audited
also
because
there
may
be
a
gap
in
how
it's
implemented,
so
the
problem
may
not
be
there
with
the
implement
with
the
protocol
by
itself.
The
problem
may
be
with
the
underlying
service
right,
so
more
or
less.
I
would
say
that
these
are
very
complex
cyber
security
assessments,
which
are
done,
and
quite
often
there's
developing
literature
around
it.
D
Of
course,
as
more
and
more
digital
technology
spreads
encryption
forms
of
backbone
to
it,
it's
always
better
for
standardization,
in
terms
of
in
terms
of
people
being
told
at
least
or
literature
existing
in
a
comprehensible
way
for
the
general
public.
I
I
would
urge
people
to
look
at
the
work
of
professor
manoj
prabhakan
who's,
much
more
of
a
theoretical
cryptographer
at
iit
bombay
or
follow
the
work
of
divine
roy
as
well
or
possibly
reach
out
to
them
for
much
more
specific
answers
around
this.
B
Thank
you
fantastic
recommendation.
So
we
have
we've
come
to
an
end
of
you
know
this
panel
on
encryption
on
day
two
of
community
week.
I
want
to
extend
my
gratitude
to
apar,
prashant
and
amrita
for
joining
us
this
morning.
B
Please,
please
do
remember
to
tweet
at
communityweek21.
That's
our
hashtag
and
thank
you
to
amazon
and
flex
optics
once
again
for
bringing
us
translation
and
closed
captioning.
I
wish
you
have
a
very
good
rest
of
the
day
and
once
again
thank
you
to
our
panelists,
our
community,
everyone
who
attended
everyone
who
raised
the
voice.
Thank
you
so
much.