The security of computers and the Internet is a horrible and dangerous mess. Every week we hear about breaches of databases of Social Security numbers and financial information and health records, and about critical infrastructure being insecure.

As the local police department might want to decrypt a phone of a criminal suspect, so would the Chinese or the Russian or the Iranian intelligence agencies like to be able to do exactly the same thing.

So, in 1993, in what was probably the first salvo of the first Crypto War, there was concern coming from the National Security Agency and the FBI that encryption would soon be incorporated into lots of communications devices, and that that would cause wiretaps to go dark. There was not that much commercial use of encryption at that point. Encryption, particularly for communications traffic, was mostly something done by the government.

In order for any smartphone manufacturer to decrypt the data on your phone, it has to hold onto a secret that lets it get that access. And that secret or that database of secrets becomes an extremely valuable and useful target for intelligence agencies.

The perspective that law enforcement is presenting seems to be a very narrow one that's focused very, very heavily on investigations of past crimes rather than on preventing future crimes. It's very important for policymakers to take that broader view because they're the ones who are trusted to look at the big picture.

On balance, the use of encryption, just like the use of good locks on doors, has the net effect of preventing a lot more crime than it might assist.

As we build systems that are more and more complex, we make more and more subtle but very high-impact mistakes. As we use computers for more things and as we build more complex systems, this problem of unreliability and insecurity is actually getting worse, with no real sign of abating anytime soon.