> don't seem to understand is that this is the downside of living in a free society
No, what they don’t understand is that the cryptography that protects your bank account is the exact same cryptography that (supposedly) makes law enforcement difficult. There’s no way to separate the two, any more than you can separate the arithmetic that is responsible for updating your bank account from the arithmetic that is responsible for updating the bank account of a Colombian drug lord.
Of course there's a way to separate them. Let banks do what they like and obstruct everyone else in some way. As another poster phrased the argument: "Corporations should have access to strong encryption, just not little people."
Sure except that's like trying to ban alcohol, and we all know how that worked out. It's far too easy to get your hands on, especially for criminals who are sufficiently motivated.
You don't need that parenthesized qualifier, and putting it there seems unfair. If we are to have a fair, honest discussion focusing on the merits we need to recognize when the opposing side makes a valid point, and it is pretty obvious that secure & encrypted communications does make law enforcement materially more difficult.
Once this point is accepted we can focus the discussion on whether the trade off is worth it.
Exceptional access is an architectural issue, and does not need to depend in any way on weakening of encryption. This presumes a logically implemented plan to offer exceptional access. Earlier this year, one commenter on HN pointed out a few trivial schemes to offer exceptional access in a way that doesn't compromise the encryption.
The concerns about exceptional access are about custody and access controls. If you share a secret with a 3rd person (LEO, IC, tech company), the possibility of that secret being leaked has gone up by some non-zero amount. The design of exceptional access mechanisms is therefore not only technological and procedural, but also political, etc.
For the arguments about "you cannot stop math", the concern is about the deployment of strong encryption, without exceptional access -- at scale. Policy dictates implementation of encryption at scale (by major tech companies), not math. Individuals and businesses will still be free to deploy their own encryption that doesn't offer exceptional access. It's unlikely that encryption itself will ever be attempted to be outlawed. If, for instance, you want to xor every bit of your comms with a OTP that you've shared with your overseas partner, it's unlikely that such a thing will ever be outlawed on Western public networks.
Likely, the concerns for LEO and the Intelligence Community are related to "going dark at scale" - meaning that if the big tech companies were to entirely lock out the possibility of exceptional access, the job of the criminal to hide from LEO would become trivial and accessible to all levels of criminals.
No, what they don’t understand is that the cryptography that protects your bank account is the exact same cryptography that (supposedly) makes law enforcement difficult. There’s no way to separate the two, any more than you can separate the arithmetic that is responsible for updating your bank account from the arithmetic that is responsible for updating the bank account of a Colombian drug lord.