What’s stopping people using encryption software?

In his recent live SXSW speech, Edward Snowden laid out the main causes of the current breakdown in online privacy as he sees it.

One factor he strongly underlined was the notoriously poor usability of online security solutions – or more specifically, serious data encryption software.

While most people have some kind of security package installed, standard consumer-orientated solutions such as Norton and AVG offer zero protection from GCHQ attacks, as true data encryption functionality is either minimal or non-existent.

But why is this? Why is data encryption seemingly the reserved for uber-nerds only? Let’s look at the main barriers to usage:

Un-cool factor. “It’s too nerdy”.

Data encryption is most definitely not cool. Maybe this will change in the coming years, but for now, this is a huge barrier to usage. Countless films and TV shows have reinforced the ‘computer nerd’ stereotype:

X Files Computer Nerds
“Learn programming and install data encryption… it’s great.”

 

Whether this is a full-blown government conspiracy or (more likely) just an unfortunate cultural side-effect, the reality is:

  • Your government does not want you to encrypt your data
  • TV and film productions reinforce a nerdy, undesirable computer-literate image
  • This discourages viewers from becoming highly computer-literate
  • This in-turn results in low engagement with encryption software, so a small market size. Which leads on to.

Encryption is not in the public eye. “What’s data encryption?”  /  “It’s probably too hard.”

Data encryption is not mass-market. Your dad thinks Norton Antivirus is it. Your mum knows the difference but wouldn’t know where to start looking.

Imagine the cultural impact if Apple decided to make data encryption their front-and-centre message.

If there were readily-available, mass-market products highly visible in the marketplace, you could justifiably criticise your mum and dad’s apathy. But the big development companies with heavyweight marketing budgets just aren’t delivering anything. No products = no marketing campaigns = no everyday visibility.

Technical difficulty. “I tried installing it, but it was way too technical for me.”

This is Snowden’s point. The few adventurous souls who actually attempt to install a serious package tend to hit a brick wall – painful installation procedures, and nasty user interfaces designed by coders rather than designers.

Snowden’s elegant solution is to build encryption technology into operating systems themselves – so not requiring users to proactively install software to benefit.  I wonder if Microsoft and Apple will step up?

Perceived ineffectiveness. “There’s no point – all vendors are in-league with GCHQ anyway.”

This is a fair point, given recent revelations.

Perceived irrelevance. “I’ve got nothing to hide.”

This is seemingly the biggest barrier to mainstream uptake of encryption. But I wonder how many people are genuinely apathetic, and how many hide their fear of the above points behind a public veil of apathy?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.