Encryption


Encryption is a process that renders data unintelligible to anyone who doesn't have the decryption key (often derived from a password). Encryption can be applied to data “at rest” (such as files stored on your computer) and data “in motion” (such as messages in a messaging application).

You can encrypt “at rest” data on a digital device by enabling Full Disk Encryption (FDE) on the device with a strong password. When the device is turned off, its data is encrypted; when you turn it on and enter the decryption key, its data is decrypted until it is turned off. If a device with FDE enabled is seized by an adversary during an arrest, house raid, or covert house search while it is turned off, the adversary will not be able to access its data (unless they bypass its authentication).

You can encrypt “in motion” data by using Tor[1] or a Virtual Private Network (VPN) for your Internet activity, and by using end-to-end encrypted messaging applications for your digital communications. Encrypting “in motion” data can prevent an adversary from monitoring your digital activity in various ways.

Encryption should be considered a harm-reduction measure, not a panacea. You should not use digital devices for incriminating activities unless it's unavoidable, and you should have all your incriminating conversations outdoors and without electronic devices.

Techniques addressed by this mitigation

Name / Description
Service provider collaboration

Encrypting “in motion” data limits the ability of untrusted service providers to collaborate with an adversary. For example, your Internet Service Provider will be able to collect much less data about your Internet activity if you use Tor[1] or a Virtual Private Network (VPN).

Forensics
Digital

Electronic data retrieved from a digital device is useless if it is encrypted and cannot be decrypted by the forensic examiner. To achieve this, you can encrypt your devices with Full Disk Encryption and a strong password. This type of encryption is only active when the device is completely powered down (not locked or hibernating), so all your encrypted devices should be turned off when not in use.
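As an added example that is not part of the original page, the following POSIX shell check lists mounted filesystems (and swap) that are not backed by a dm-crypt (LUKS) device, so you can verify that Full Disk Encryption actually covers your data partitions and the swap that hibernation writes to. It parses `lsblk -Pno NAME,TYPE,MOUNTPOINT,PKNAME` output; the function name and the sample device layout below are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in the format printed by: lsblk -Pno NAME,TYPE,MOUNTPOINT,PKNAME
# Layout: root and swap live on LVM inside a LUKS container; /boot and a
# second disk holding /home are NOT encrypted.
SAMPLE='NAME="sda" TYPE="disk" MOUNTPOINT="" PKNAME=""
NAME="sda1" TYPE="part" MOUNTPOINT="/boot" PKNAME="sda"
NAME="sda2" TYPE="part" MOUNTPOINT="" PKNAME="sda"
NAME="cryptroot" TYPE="crypt" MOUNTPOINT="" PKNAME="sda2"
NAME="vg-root" TYPE="lvm" MOUNTPOINT="/" PKNAME="cryptroot"
NAME="vg-swap" TYPE="lvm" MOUNTPOINT="[SWAP]" PKNAME="cryptroot"
NAME="sdb" TYPE="disk" MOUNTPOINT="" PKNAME=""
NAME="sdb1" TYPE="part" MOUNTPOINT="/home" PKNAME="sdb"'

# unencrypted_mounts: read lsblk -P lines on stdin and print "<mountpoint> <device>"
# for every mounted filesystem or swap with no dm-crypt device in its parent chain.
# (Mountpoints containing spaces are not handled by this simple field split.)
unencrypted_mounts() {
    awk '
    {
        # pull the quoted values out of the KEY="value" pairs on this line
        name = ""; type = ""; mnt = ""; pk = ""
        for (i = 1; i <= NF; i++) {
            split($i, kv, "=")
            v = substr(kv[2], 2, length(kv[2]) - 2)   # strip surrounding quotes
            if (kv[1] == "NAME") name = v
            else if (kv[1] == "TYPE") type = v
            else if (kv[1] == "MOUNTPOINT") mnt = v
            else if (kv[1] == "PKNAME") pk = v
        }
        types[name] = type; parent[name] = pk
        if (mnt != "") mounts[name] = mnt
    }
    END {
        # walk each mounted device up to its disk; it is encrypted only if some
        # ancestor (or the device itself) is a dm-crypt mapping
        for (n in mounts) {
            enc = 0
            for (p = n; p != ""; p = parent[p]) if (types[p] == "crypt") enc = 1
            if (!enc) print mounts[n], n
        }
    }' | sort
}

# Run on the constructed sample. In real use:  lsblk -Pno NAME,TYPE,MOUNTPOINT,PKNAME | unencrypted_mounts
printf '%s\n' "$SAMPLE" | unencrypted_mounts
```

An unencrypted /boot is common (the bootloader must read it), but an unencrypted /home or swap means user data, or a hibernation image of everything in memory, sits on disk in the clear.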

Targeted digital surveillance
IMSI-catcher

If a phone's “in motion” data is encrypted, it is unintelligible to an IMSI-catcher. For example, you should use end-to-end encrypted messaging applications instead of legacy texts and calls for your phone communications.

Malware

Encrypting “in motion” data can complicate network packet injection — an installation vector for some forms of modern spyware, such as Pegasus[2].

Network forensics

If you encrypt your network traffic with Tor[1] or a VPN, it is harder for an adversary to analyze it.

Mass surveillance
Mass digital surveillance

Encrypting “in motion” data renders the data unintelligible to observers at certain points on the network, such as State network monitoring centers.