
Paradigm founder's recommended reading: Why we need to defend privacy with cryptography?
TechFlow Selected TechFlow Selected

Paradigm founder's recommended reading: Why we need to defend privacy with cryptography?
If the law abolishes the right to privacy, then only criminals will have privacy.
Author: Philip R. Zimmermann
Compiled by: TechFlow
Introduction: On August 19, the founder of Paradigm recommended this article, saying, "Rereading Phil Zimmermann’s explanation of why he wrote PGP in the 1990s is well written and still highly relevant today." Accordingly, TechFlow has compiled and translated this piece.
PGP is a personal, private encryption protocol—known only to you and no one else. Whether you're organizing a political movement, discussing your taxes, engaged in an extramarital affair, or contacting dissidents in an authoritarian country, regardless of the specifics, you do not want anyone eavesdropping on your private emails and confidential files. Protecting your privacy is absolutely legitimate; the right to privacy is as American as the Constitution itself.
The Bill of Rights implicitly recognizes the right to privacy. But when the U.S. Constitution was drafted, the Founding Fathers saw no need to explicitly guarantee the right to private conversation—because it would have been absurd. Two hundred years ago, all conversations were inherently private. If someone could overhear you, you simply moved to a different corner. No one could secretly listen in without your knowledge. Given the technology of the time, both philosophy and physical laws treated private communication as a natural right.
But everything changed with the arrival of the information age—starting with the invention of the telephone. Today, most of our conversations are transmitted electronically, unknowingly exposing our most intimate discussions. Now, a simple radio receiver can intercept mobile phone communications, and email sent over the internet is hardly more secure. Email has rapidly replaced paper mail—it's no longer novel but a universal tool used by everyone.
Not long ago, government intrusion into ordinary citizens’ privacy required significant cost and manpower—intercepting physical mail and opening letters with steam, for example. Before automated voice recognition existed, they had to manually listen to and transcribe phone calls. Large-scale surveillance of this labor-intensive kind was impractical, so it was only justified in high-priority cases. Today, however, governments can conduct undetectable mass surveillance, routinely scanning emails automatically for keywords. Think of it this way: old methods caught one fish at a time; new methods use nets for industrial-scale fishing. And exponential growth in computing power is making large-scale voice call monitoring increasingly feasible.
You might think your emails are perfectly legal, so there's no need to encrypt them. But if you're truly an upstanding citizen with nothing to hide, why don't you send postcards instead? Why resist mandatory drug testing? Why should police need a warrant to search your home? Are you hiding something? Does putting paper inside an envelope make you a subversive, a drug dealer, or a paranoid? Do law-abiding citizens really need to encrypt their emails?
What if society believed that law-abiding citizens should communicate via postcards? Then, anyone who dared use an envelope to protect their privacy would immediately arouse suspicion—and perhaps prompt the government to open and inspect their mail. Fortunately, we don’t live in such a world. We all use envelopes to protect most of our correspondence, so no one draws suspicion for valuing privacy. There’s safety in numbers. Likewise, if both good and bad actors routinely encrypted their emails, no one would be suspected merely for using encryption to protect their privacy. We should view widespread encryption as a form of solidarity.
Senate Bill 266 in 1991 was part of a comprehensive anti-crime bill containing a troubling clause. Had this non-binding resolution become actual law, it would have forced all manufacturers of secure communication devices to build special “trap doors” into their products, allowing the government to read everyone’s encrypted messages. It stated: "Congress declares that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that their systems permit government access to the plaintext content of voice, data, and other communications when authorized by law." This bill is precisely what prompted me to release the electronic version of PGP for free. Soon after, it was defeated amid strong protests from civil libertarians and industry groups.
The 1994 Communications Assistance for Law Enforcement Act (CALEA) authorized telephone companies to install remote wiretapping ports in digital switches at central offices—the technical infrastructure for “point-and-click” wiretapping. With this technology, FBI agents no longer needed to install physical taps on-site; they could monitor your calls from their desks in Washington. Of course, the law still requires court orders for such surveillance. But while legal frameworks may change overnight, technological infrastructure tends to persist across generations. Once communication systems are optimized for surveillance, shifts in political conditions could lead to abuse of these new powers. Political climates may shift gradually with new elections—or abruptly, such as after a federal building bombing.
One year after CALEA passed, the FBI disclosed a plan requiring phone companies to enhance their infrastructure to allow simultaneous wiretapping of 1% of all phones in major U.S. cities—a thousandfold increase in surveillance capacity. In previous years, federal, state, and local courts had authorized roughly one thousand wiretaps annually. Monitoring 1% of all phone traffic would require an unimaginable number of judges to issue warrants, not to mention FBI personnel to conduct real-time monitoring. The only plausible way to process such volume is through large-scale automated voice recognition, scanning all communications for keywords or specific voices. If the first 1% sample fails to yield results, authorities could move to the next batch until targets are found or all data is scanned. The FBI claimed this capability was intended for future needs. Public outrage was so intense that the proposal was later rejected by Congress. Yet this episode revealed the FBI’s appetite for broader surveillance powers.
Technological progress makes maintaining the status quo impossible. The current situation is unstable. If we do nothing, emerging technologies will grant governments automated surveillance capabilities beyond even Stalin’s wildest dreams. The only way to preserve privacy in the information age is through strong encryption.
Even if you trust the government, you still need encryption. Business competitors, organized crime syndicates, and foreign governments may also be listening. For instance, some foreign governments now openly admit using signals intelligence to undermine foreign corporations and gain competitive advantages for domestic industries. Ironically, during the 1990s, the U.S. government restricted encryption, thereby weakening American businesses against foreign intelligence agencies and organized crime.
The government understands that encryption is destined to play a pivotal role in the balance of power between itself and its citizens. In April 1993, the Clinton administration unveiled a bold new encryption policy initiative—one originally developed by the NSA under the Bush administration—centered around the “Clipper chip.” The Clipper chip was a government-designed encryption device incorporating a classified NSA encryption algorithm. The government sought to encourage private companies to integrate the Clipper chip into all secure communication products (such as secure telephones and fax machines). AT&T incorporated the Clipper chip into its secure voice product. But here was the catch: each Clipper chip contained a unique key, with a copy held by the government in escrow. Don’t worry, though—the government promised to use these keys only when “legally authorized” to access your data. The logical next step toward full effectiveness? Banning all other forms of encryption.
Initially, the government claimed the Clipper chip would be voluntary, with no ban on other encryption types. But public backlash far exceeded expectations. The computer industry united in opposition. In a 1994 press conference, FBI Director Louis Freeh stated that if the Clipper chip failed to gain public acceptance and unregulated encryption hindered FBI wiretapping, his office would have no choice but to seek legislative remedies. Later, testifying before the Senate Judiciary Committee after the Oklahoma City tragedy, Director Freeh reiterated that the government must restrict public access to strong encryption—even though no evidence suggested the bombers had used cryptography.
The government’s past actions offer little reason to believe it will never violate our civil liberties. The FBI ran the COINTELPRO program targeting groups opposing government policies. They spied on anti-war and civil rights movements. They wiretapped Martin Luther King Jr.’s phones. Nixon maintained an infamous “enemies list,” culminating in the Watergate scandal. Recently, Congress has proposed multiple bills restricting our online civil liberties—some of which have already passed. Consider how certain members of the Clinton administration collected FBI files on Republican civil servants for political leverage. Or overly zealous prosecutors traveling across the country to expose sexual scandals of political opponents. In the last century, public distrust of government has never been as widespread across the political spectrum as it is today.
In my view, one effective way to resist the disturbing trend of government attempts to outlaw encryption throughout the 1990s was to use encryption as widely as possible while it remained legal. The more pervasive strong encryption becomes, the harder it is for the government to criminalize it. If privacy becomes illegal, then only criminals will have privacy.
PGP appears to have played a role. Combined with years of sustained public protest and industry pressure to relax export controls, the Clinton administration announced a complete reversal of its encryption development policy in the final months of 1999. They essentially abandoned the entire regulatory regime. Now, we can finally develop strong encryption without restrictions on cryptographic strength. It was a long struggle—but we won, at least in terms of U.S. jurisdiction. We must continue using strong encryption to counteract the growing global governmental surveillance of the internet. The FBI continues to oppose encryption—we must keep defending our right to use it domestically.
PGP empowers individuals to take control of their own privacy. I invented it because society’s need for it was growing.
Join TechFlow official community to stay tuned
Telegram:https://t.me/TechFlowDaily
X (Twitter):https://x.com/TechFlowPost
X (Twitter) EN:https://x.com/BlockFlow_News














