Right now policymakers are deliberating a touchy question: Should governments force tech companies to insert “backdoors,” or intentional access points into their encrypted products?
Doing so would presumably aid law enforcement officials in their criminal and counter-terrorism investigations. (Otherwise they would be shut out from reading or intercepting certain data.) Yet any “backdoor” in a consumer product could also be exploited by hackers or spies, technologists warn.
Get Data Sheet, Fortune’s technology newsletter.
Enter Bruce Schneier. The crypto expert and best-selling author has spent the last few months bolstering an economic case for why the U.S. should reject any proposed mandates for “backdoored” encryption. In fact, Schneier counts 546 reasons.
The gist of Schneier’s argument is this: The U.S. is not the only place in the world that creates encryption products. If the nation were to strong-arm companies headquartered on its turf into weakening their encryption standards or building in access points for the benefit of cops and Feds, business would suffer. Consumers—not to mention the worst criminals—could simply flock to whichever overseas service offers better privacy and protection.
Oh, and companies could relocate too. In 2014, for example, the communications firm Silent Circle moved to Switzerland, citing the country’s historical neutrality in its decision. Imagine if Apple
, one of the world’s most valuable companies and an outspoken critic of encryption “backdoors,” chose to uproot itself?
Schneier began gathering data last fall to determine how many encryption products exist worldwide. On Thursday he released his findings in a report published by the Harvard Berkman Center, an Internet research center where he has a fellowship.
Here’s what Schneier and his researchers found, rendered in chart form.
See that 546? That’s the number of encryption products developed abroad. Although Schneier cautions that the data set is not comprehensive, he says he believes it is a good representation of the present global market. Two-thirds of encrypted products, by his team’s count, originate outside the U.S.; each can be viewed as a possible alternative, thus a threat, to American industry.
Here’s the breakdown by top countries.
Sure, the U.S. beats the competition by a mile in terms of total products—for now. But Germany, which claims the number two spot, has already firmly staked out a position opposing encryption “backdoors.” The Netherlands, tied for ninth, recently did the same. Either could become attractive alternatives for consumers if the U.S. were to make “backdoors” compulsory.
(In contrast, the United Kingdom and France both have appeared more willing to entertain the possibility for banning strong end-to-end encryption.)
For more on encryption, watch:
“U.S.-only restrictions will adversely affect U.S. companies in this worldwide market,” Schneier said of the findings, crediting a similar 1999 study as inspiration for the project. “Criminals and terrorists will switch to more secure foreign alternatives, and the people who will be most affected are the innocent Internet users who don’t know enough to use non-backdoored alternatives.”
So there’s 546 reasons—and counting—not to mandate encryption “backdoors.”