Ah, the great encryption debacle! While I will gladly discuss it with anyone who asks and I will admit that I am somewhat weary of its discussion in public forums, but I figure why not throw my hat in the ring and offer up my 3 grubby cents worth about it. First, the long and short of it for those of the millennial generation such as myself with shorter attention spans: Daddy E (ncryption) is way over used and pointless 95+% of the time!
For those with a little bit of time and a nice hot (or cold) glass of... whatever who are curious about the above foregone conclusion, here's a little about me. I am an end user of an encrypted radio system whose EMS, yes EMS, agency uses an encrypted channel. I can speak on encryption from experience with it. Now I know that I am not a law enforcement agent but we work VERY closely with them and I had LE training and was trying to get into LE before turning to EMS full time because it was a good opportunity for me and the continuing of my education. So while I cannot speak directly from the LE perspective, I can speak from the first responder perspective in general, a perspective that is surprisingly similar and in many ways indistinguishable for all of us first responders. Who knows, there may even be a radio enthusiast law enforcement officer out there who can back up my side.
Which is a first point I'll make. I work in a very rural EMS system; we cover 2700 square miles of desert with 4 ambulances. If we are responding to an unknown medical aid in the middle of nowhere at 3am with no additional info from the call center (a very common occurrence), we are called to go to a strange house at 3am, go up and knock on the door and go forth into whatever happens next. We have no clue who's in there or what they want, we don't know what's going on- or even if it's the correct house sometimes. We have nothing but unknowns. It could be something real and legitimate, 20% or so of this. It could be a bunch of bulls***, 79.9% or so of this. However, for EMS, there is that very real 0.01-0.1% chance that it could very well be some sort of ambush against first responders in general; sadly the hatred of cops and the violence associated with it is bleeding into the other services of Fire and EMS. Now some may say that I'm being dramatic, and who knows, after over 8 years in EMS maybe I am, but the only real difference between a police officer and me in that situation is that I don't have a gun or any alternative incapacitating tool such as a tazer or pepper spray; I don't have any real way to detain someone like handcuffs. All I have if the **** hits the fan is my brain power and whatever the hell I can grab on the way back to the rig to drive away or run off and take cover!
The real point is that the safety concerns are very real for all of us, especially in today's hyper divided climate! And I will emphatically say right now that encryption does very little- next to nothing really- in terms of safety. It is a very minor portion of the maybe 5% of the time that encryption is useful. Sure, a "bad guy" can't use his awesome brand new Uniden sds200 scanner- that I'm sure he bought leagally- to hear where we (or the police) are per se. But, again, I work in a desert area, when a dust trail is coming down your road (or headlights/ code 3 lights at night) or when someone is walking up to you door, that really cool encrypted tactical advantage is now long gone, and you're at the mercy of the situation as it stands. The fact that Sally Q scanner listener down the street and John Q scanner listener in town didn't hear you go en route or on scene does NOTHING to help or guarantee your safety! Now, yes, I do understand that there is that 1 in 20 million call that the E channel will have contributed some to the safety of the situation and that cannot be discounted. But it surely does not logically lead one into a conclusion of blanket encryption being a good thing. I promise you that no one out there can actually show with any real certainty that encryption saved a life. Just because a radio has it "built in" does not mean it needs to be used.
So, there is your "officer safety" or a better phrase would be "first responder safety" aspect of it.
The next aspect to tackle is the buzzword of the decade: you guessed it..... interoperability! Now we all know that after 9/11, one of the biggest *****ing points of the responders involved was that no one could talk to one another. Even within the same agencies there were issues. Now, yes, I do know that radio technology was different back then, and most agencies didn't have radios with channel capabilities for multiple agencies and interop channel groups, but the complaint was there all the same. Now the really interesting part is that almost 20 years on, in major incidents I'll give you three guesses what a major complaint is. You got it..... interoperability. People still can't talk to each other even with dedicated interop channels and the push for plain language. Now the problems with this are numerous and won't be discussed here as they aren't truly pertinent to the discussion at hand, but I can say with 100% certainty that encryption is not the answer and the way it is being used and implemented today is only driving a knife into the heart of any idea of interoperability.
Now, to be fair, I never have heard of interoperability being used as a reason or excuse for encryption, but it is certainly a reason that encryption should be very very lightly and very very rarely used. As has been pointed out before, when it comes to mutual aid and interoperability, encryption only multiplies problems exponentially. Now, a whole slew of agencies and many hundreds if not thousands of additional radios need to have shared encryption keys- and all be rekeyed together- which only drives down any idea of security that you thought you had. It's a definite no brainer that the more "out there" an encryption key is the less safe and secure it is. Also, for cooperating agencies who don't have or don't want to afford the radios for it, backchannels with no encryption need to be added, defeating the idea of encryption all together.
Now, sure, these access channels will only be turned on when needed (or turned on and not turned off if a dispatcher forgets to break a patch.) But guess what incidents are going to need the access channels turned on? You got it, the big ones, the ones that the powers that be might want some secured comms on! Again, defeating the purpose.
I can tell you from many personal experiences that it really sucks being on scene or going to a scene and not being able to hear pertinent radio traffic. We are a private non profit agency and have our own encrypted channel and dispatch. We don't have fire department- **slight exception to this but not really**- or law enforcement channels nor do we have scanners anymore. Conversely, they don't have our channel. Therefore, to get information too or from one agency to another, we have to play the famous game of telephone.
As the saying goes: when seconds count.... What should be one press of the microphone PTT and a second or two of talking now takes 1 or more minutes depending on the number of dispatch centers the information has to go through. And inevitably what was said on one end will not be what comes out on the other end. Can't really tell you how embarrassing it is to have a $5000 radio flapping on my hip as I run over to a LEO or fire apparatus just to talk to them because the telephone game would be useless. Also can't really explain how strange it is to try and cancel needed resources only to have them show up and then 30+ seconds later have their dispatch advise them that we are on scene and that they can cancel. No one can hear each other, no one can talk to each other and every agency wants their piece of the encryption pie and we are now farther than ever from any sort of interoperability. How we have truly failed our 9/11 predecessors.
So that covers the first responder safety and the interoperability aspects of encryption. As I stated at the outset, encryption is way overused and useless 95+% of the time. I just covered the useless part of it, now let's see the overused part. Now, to start, yes I do see the usefulness of encryption on certain well defined and limited channels. I am not "anti encryption" in my views. There are certainly channels that deserve encryption. SWAT/ SRU channels need it, though my belief is that SWAT should use low power simplex encrypted channels with portable repeater use as needed. Narcotics, vice, undercover all the same thing. When it comes to tac channels I may ruffle some feathers here; I do believe that primary (dispatch) as well as the primary tac channels should be clear. There can also be an encrypted tac channel for use as well as a records channel but the main tac channel should be clear. As I said, I know there will be some disagreement there, but hey, this is my opinion, take it or leave it. This part is really just relating any justifications for encryption that I have heard and refuting them as any real justification.
First, I want to point out that encryption doesn't truly hide anything. In today's world with cell phones and tablets and cameras and internet everywhere, people find out what's going on one way or another. Every city or town that I know has at least 1 "What's going on in XXX" Facebook page. Any time a police or EMS helicopter flies around or any time multiple emergency units respond somewhere, people start posting about it. It's only a matter of time before the information about what is going on is on there. And it's all in pretty real time. Sure, it's not perfect, but if something is going on people know about it and post any information that can on it.
Now, when it comes to EMS encryption the main justification I hear is HIPAA. The only bad news is that the HIPAA regulations themselves explicitly exempt 2 way party line style communication devices because you can't truly protect patient privacy on them. Most hospital talk groups on trunked systems are moving to encryption for this very excuse. Nevermind the fact that EMS 99+% of the time uses cell phones to call the hospital, encryption is useless as we don't give out PHI over the air- or on the cell phones. To illustrate further, if I am sitting in my ambulance and have the encrypted hospital channel selected on the radio and I listen to another ambulance give a report and use PHI (the supposed justification for having encryption) that is a HIPAA violation in and of itself as I am not in any way directly involved in that patients care or treatment. This reasoning is bunk. Unencrypted hospital channels would be boring as they may get one 3 minute use every third day or so, but should be left unencrypted anyway. The default needs to be clear not encrypted.
Another reason I have heard for encrypted EMS channels is that let's say a gang shooting occurs, we don't want the gang members to know which hospital we took the guy to because they may show up to finish the job. However, if you call an ER they will usually tell if a patient- if they are a loved one- is there. If homeboy Joe calls about his "brother" who just got brought in.... well, you see the rest. Plus, again, cell phone usage precludes a scanner from listening in anyway.
Another reason I have heard for encryption is on a big incident, like a terror attack, you don't want other "bad guys" to know where the triage tent and other areas are set up or what is going on. Aside from the non stop news coverage that would happen, doesn't seem too difficult for a "bad guy" to go there on foot and in person to take a look around and figure it all out for himself anyway while posing as an interested civilian or reporter.
These are but a few examples. I haven't even covered transparency. This is a discussion that will last for a very long time and stir up much heated debate and controversy. As I said, encryption is not needed 95+% of the time and the reasons for it are lame.
As an end user of it, all I can say is that we are now farther than ever from anything worthwhile. It has done very little for safety, done nothing at all for interoperability, killed any remaining trust and transparency for many agencies and will only increase public distrust of public safety agencies at a time when it is least needed. Encryption needs to be used a sparingly and rarely as possible and for reasons of dire need. General blanket encryption is not a dire need. Locking out the public from radio traffic does no one any favors. Clear airwaves should be and need to be the default not the exception.
I do apologize somewhat for the length and for those of you who hung in this long, bravo!
