In the end, what's encryption?
Imagine for a moment that the lock on your house, that piece of metal that gives you peace when you leave, simply does not exist. You wake up, get dressed, have your coffee, and when you open the door, you realize there is no bolt, latch, or key. Anyone could enter. Would you leave your money on the table? Your notebook with your most intimate thoughts visible in the living room? Of course not. The lock is much more than a simple piece; it is the guardian of your privacy and security.
Now, let’s leave the physical and enter our digital territory: that abstract space where we keep our messages, photos, bank passwords, and even the most intimate details of our lives. If the internet were a neighborhood without locks, we would be perpetually watched residents, with no secrets and no valuable belongings safe.
Fortunately, there is a tool that works like the best and most invisible of digital locks: encryption.
Imagine you want to send a valuable jewel, a very personal photo, an important contract, or a bank password to a relative. Before sending it, instead of putting it in a normal envelope, you put it in a secure armored box. Once inside, you close it with a secret code that only you and your relative know.
Your information is a valuable possession, encryption is that secure armored box, and the key is the secret code that opens the box.
When you send the information, it goes from being something readable (a normal text message) to a bunch of “incomprehensible scribbles” that we call encrypted text. If an adversary intercepts the package in transit, it doesn’t matter how skilled they are: without the secret code (the key), they only have a heavy and useless box. The value remains safe.
Three Fundamental Layers of Protection
1. Confidentiality Layer
Allows you to send messages without fear of them being read by spies or third parties. In messaging apps, end-to-end encryption is the hero. But not all locks are equal. That’s why, at CAD, we promote Free Software (open source) tools like Signal, where any expert can review the code and verify there are no backdoors or master keys hidden. With closed code, we only have to trust the marketing of companies like Meta.
2. Integrity Layer
Ensures the message or document has not been tampered with along the way. It’s a digital seal that, if broken, immediately indicates the contract you signed or the amount of money you transferred was altered by a malicious third party.
3. Authentication Layer
Confirms that the person or website you are talking to is who they say they are. Prevents a scammer from tricking you by setting up a fraudulent website (phishing) to steal your key (your password).
Encryption for Activists, Journalists, and Human Rights Defenders
If for a common citizen encryption is the lock on their house, for a social activist, an investigative journalist, or a human rights defender, encryption is a tool of self-protection.
The work of reporting injustices, corruption, or state crimes relies on people’s ability to organize and share sensitive information. In the digital era, without encryption, this work is almost impossible to carry out safely.
Encryption protects you for three crucial reasons:
1. Protecting the Source of Truth (Freedom of Expression)
A journalist needs to protect their source. With end-to-end encryption, communication is a sealed capsule that only opens on the devices of the source and the journalist. This guarantees anonymity and, with it, the very existence of investigative journalism.
2. Ensuring Secure Organization (Right of Association)
Social movements need a safe space to plan strategies. Encryption in communications and document storage is the secret meeting room that allows them to exercise their human right to peaceful association without being watched or repressed before they can act.
3. Preventing Criminalization and Harassment (Personal Security)
For an activist, privacy is a matter of physical security. Full disk encryption on a device means that even if seized, information is inaccessible without the key. It acts as legal and physical armor against intimidation.
Why Encryption “Does Not Work”
Encryption is a powerful, essential, and even legally obligatory tool. However, there is a truth we must engrave in stone: the tool alone does not protect you if you don’t know how to use it properly. This is where encryption, in fact, “does not work.”
Imagine you have the best safe in the world, but you write the password on a sticky note stuck right on top of it. Or you use a high-security lock but leave the window open. Encryption becomes just as useless with bad practices:
- A weak password is an open window: The most advanced encryption amounts to nothing if your access key is
"123456". Use password managers. - Phishing: The best encryption will not protect you if you voluntarily give away your key. Phishing tries to make you type your password on a fake website. Stay skeptical.
- An outdated app is a rusty lock: If you use an old version of an app or operating system, you use a tool with known vulnerabilities. Keep all your software updated. Updates are security patches.
- Insecure backups: Many messaging apps offer backups of your chats in the cloud. Always check the settings: if you don’t enable specific encryption for the backup, you are leaving a copy of the key available to the platform.
In an increasingly digital world, defending the universal and strong use of encryption is defending the freedom and privacy of every person. Some types of encryption provide automatic protection even if you have bad security practices. But the work does not end there. True digital autonomy is not just having the best lock but also knowing how to use it.
¡Research, explore and learn! Protecting privacy is defending human rights.