Twitter is deriding the Australian Prime Minister who said that The laws of mathematics are very commendable, but the only law that applies in Australia is the law of Australia. This may seem funny at first sight, but unfortunately this lays bare a very fundamental problem: both sides of the trenches in the current ‘crypto war’ fail (or even flatly refuse) to understand each other.

This (second) crypto war rages over the question whether government should get access to end-to-end encrypted communication between devices and the encrypted data stored on such devices.

I often say that computer scientists see the world in zeros and ones, in black and white, whereas lawyers (and policy people) distinguish at least fifty shaded of grey. For lawyers it all depends on the context, and policy people have to consider the concerns of all the stakeholders in society. These totally different, incompatible, ways of looking at the world are moving us away from a solution to this important problem. As a result the world becomes both less safe and less privacy friendly.

Policy people have a hard time coming to grips with strong encryption. They fail to see that by calling a backdoor a front door, or a golden key, the problem does not magically disappear. And they fail to see, more broadly speaking, that policies that may make sense in the physical world may break in the virtual world (in unexpected ways). We see this in the net neutrality debate, the way intellectual property rights are defined, and many others…

But the security and crypto experts are partly to blame. They tend to say that from a technical perspective it is impossible to provide governments lawful access to encrypted communications or stored data in secure manner. Hyperbolically speaking, that the laws of mathematics makes this impossible. The situation is much more nuanced, however.

First of all, the technical argument is mainly built on the premise that (computer or communications) security (i.e. in the sense of restricting access to the data) trumps any other societal concern. Yes, there are many good reasons to argue for the strongest possible security, but there is always a trade off, with the associated costs (that may become too high), desired functionality or overall usability.

Second of all, by focusing only on the technological perspective, the crypto debate we should be having, namely whether it is reasonable for government to demand access to all communications and all stored data, does not happen. Even worse, should some bright scientist come up with a clever idea that actually makes it possible to securely give government lawful access (and I believe this is indeed possible for access to encrypted stored data) there are no credible arguments left to resist a government push towards this access. Whether the request is reasonable or not. And we will probably be left with a system without any of the necessary safeguards.

Moreover, the crypto war is only a very specific instance of a much more general discussion we should be having about how to build and govern a public infrastructure like the Internet that is both secure, private, safe, free from abuse, and honours as much as possible all other norms we as a society deem important. Society (through government) has a role to play in governing the virtual world, just as it has a role to play in governing the ordinary physical world. We do not deny the police access to the streets or even our houses, but we do put strict safeguards in place to regulate such access. The main, vexing, question is how to police the virtual world, and how to do that in responsible manner, with appropriate technical, legal, and societal safeguards in place.

Policy needs to recon with many concerns; the laws of mathematics is only one. Tech developments are not inevitable, and their consequences can be steered. In that sense I agree with the Australian Prime Minster.