Encryption Is Not Enough: The Limits of Network Privacy

Most Americans assume that “encrypted data” means private. Encryption has been marketed as a powerful, almost fool-proof tool for privacy, and has become a foundational element of digital security in both public and private networks. But encryption alone does not reveal the whole story. As AI becomes more capable, the differences between “encrypted” and “truly private” are growing in ways that matter tremendously for individuals, businesses, and national security.

What Encryption Misses

Every time someone goes online to conduct a search, stream content, or post on social media, data is being transmitted and relayed between different computers and data centers across the world. The data that travels across the Internet contains more than just the content the user sees, like an image or webpage information. Each transmission generates metadata, or information about the size, timing, destination, and frequency of that data. The metadata is almost like an envelope. The encryption protects what is written inside, but the metadata provides revealing information, like who sent it, who received it, and how thick the envelope is. 

Metadata can be intercepted and analyzed without ever breaking encryption, like a nosy postman analyzing the outside of an envelope and holding it up to the light before placing it back into circulation. In the hands of a motivated actor, this information can be very revealing. Sophisticated analysis of metadata can infer relationships between parties, identify when major events are occurring, and map out communication networks, all without “opening the envelope.” The billions of miles of buried and undersea fiber and cable globally present persistent opportunities for interception, increasing security risks for businesses, governments, and ordinary people.

Network Padding

To address this issue, engineers and researchers have developed tools known as “traffic padding” or “network padding.” The basic idea is that if all data transmissions can be made to look similar in size and timing, malicious observers have less relevant data to work with and interpret. By adding artificial “noise,” network traffic obscures the otherwise identifiable patterns that the analysis would depend upon.

Several technologies have utilized this idea at different levels of the network. At the domain level, EDNS(0) padding standardizes the size of basic internet lookups. At the connection level, TLS 1.3 obscures the size of data exchanged during secure sessions. Deeper in the network, IPsec and IP-TFS standardize packet sizes and smooth out traffic flows. At the system level, Tor routes traffic through multiple encrypted layers and generates artificial cover traffic to mask real usage patterns.

These tools each offer genuine improvements, but they each have their own tradeoffs. EDNS(0) fails to hide when or how often lookups are occurring. TLS padding is inconsistently used in practice and insufficient when used alone. IPsec and IP-TFS require significant overhead and complexity, which limits their practicality. Even Tor, the most robust of the options, introduces substantial latency and has been vulnerable to machine learning-based pattern recognition and analysis. Used together, these tools can reduce opportunities to bad actors, but they do not eliminate them. 

The Moving Target

The challenge is not simply that the current tools are imperfect; it’s that the adversarial tools and environment are actively improving. Machine learning models have learned to analyze the shape and timing of encrypted traffic (even with padding in use) and identify what websites users are visiting and even what they are doing online. New protocols like QUIC and HTTP/3 improve speed and efficiency, but their traffic patterns can similarly be analyzed.

One of the great tensions exists between effectiveness and practicality. The more effective and comprehensive a certain privacy tool is, the more it costs in bandwidth, speed, and implementation complexity. The simpler, more practical solutions are easier to deploy but offer limited protection. At the infrastructure level, aggregated traffic flows remain visible to network operators regardless of what protections have been put in place. Protections aimed at solely the endpoint or protocol level neglect the data observable at the infrastructure level.

These issues are not just engineering problems; they are infrastructure and policy challenges. The inconsistent adoption of the available privacy technologies leaves meaningful gaps in both private and public networks, creating opportunities for interception. Individual actors or protocols will not be able to close those gaps alone. Addressing those gaps will require coordinated action across industry and government, ranging from stronger deployment standards to infrastructure investment. As AI-based analysis becomes more accessible and advanced, the cost of inaction will only grow. 

Conclusion

Online privacy has historically been framed as a software problem to be solved with better encryption, more advanced protocols, and smarter code. That framing is incomplete. The metadata generated by online interactions, and the physical infrastructure that supports it, presents deep vulnerabilities that no single tool has been able to fix. Padding reduces some signals, but it far from eliminates them. As machine learning advances, even reduced signals may be sufficient to cause significant harm. 

The question for policymakers is not whether these gaps exist, but rather whether they will be addressed proactively or reactively. Waiting for a large-scale breach to expose the insufficiencies of current protections is not an effective strategy; building standards, incentives, and infrastructure needed to close those gaps is. The internet is a critical national infrastructure, and the security of those communications needs to be treated as such.

Written by Lilly Petruzzi, AI and Data Policy Fellow