Consumer Security

The Encryption Software Scuffle

In the face of encryption that could block brute force attempts for years, law enforcement agencies at every level have been calling for keys that allow investigators to crack open smartphones and court cases alike.

Some of the world’s leading tech companies and privacy advocates earlier this month called for the White House to stand against any proposal to weaken the security software on consumer products.

The petition, signed by more than 140 tech companies and privacy advocates, seeks the White House’s support in maintaining the integrity of encryption software by disallowing law enforcement to have special “back door” access into protected systems, ranging from servers to cellphones.

“We request that the White House instead focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology,” it states. “Such policies will in turn help to promote and protect cybersecurity, economic growth, and human rights, both here and abroad.”

Civil Society organizations supporting the petition include the American Civil Liberties Union, the American Library Association, The Constitution Project, The GNOME Foundation, the Electronic Frontier Foundation and a host of other groups. Tech companies backing the petition include Apple, Microsoft, Google, Mozilla and many more.

The petition carries signatures from three of the five Obama appointees to a presidential review group charged with assessing tech policies.

Facilitating the Commission of a Crime

The encryption issue has been highly contentious, with the temperature cranked up to high when Apple announced that iOS 8 would offer the company’s mobile devices their strongest encryption yet.

High-profile law enforcement officials, including FBI Director James B. Comey and former Attorney General Eric Holder, have derided the high-level encryption offered by iOS 8 — and Google’s Android 5.0 Lollipop — as having the potential to facilitate criminal behavior.

There are time-sensitive situations when being able to crack a suspect’s encrypted mobile device could help law enforcement agencies save lives, Ronald T. Hosko, former head of the FBI’s criminal investigative division, argued last fall.

More Doors In, More Points to Protect

While law enforcement official have pointed to the protections high-level encryption could provide criminals, tech companies and privacy watchdogs have underscored the shield such software offers consumers against government snooping and cybersecurity attacks.

A split-key approach is one of several solutions advocated by law enforcement agencies. That approach would create two keys to decrypt protected data. However, even proponents of the idea have acknowledged that it may not be enough to crack advanced encryption in timely fashion.

Allowing the feds backdoor access into encrypted systems compromises the security of the protected device. By definition, a backdoor is a security weakness, Lee Tien, senior staff attorney at the Electronic Frontier Foundation pointed out.

“At a time when concerns about computer and network security are high, and weaknesses already abound, it’s bad policy to create more,” he told the E-Commerce Times.

Hamstrung, Hindered and Held Up

Though law enforcement officials have argued that advanced encryption hurts their ability to do their jobs, banning or altering such software in favor of law enforcement could have a negative impact on law abiding citizens. It also could make it harder for IT vendors to market their products outside of the U.S.

There isn’t any solid, publicly available evidence that indicates that high-level encryption has hindered the ability of law enforcement agencies, said Tien.

“Law enforcement has many tools and technology for invading privacy,” said Tien. That has been improving for years — not to mention that so much more electronic data about us is created and stored. Also, while strong crypto protects the communications themselves — what you say in an email — it’s not too useful in protecting the metadata, like who you send email to.”

Strangers at the Gate

Though the feds want access to protected data whenever they come knocking, consumers — awake and on alert after the Snowden revelations — now mistrust anyone who darkens their doors.

Federal and state government officials have been asking the public to trust them, since the 9/11 terrorist attacks forever changed the world, noted Charles King, principal analyst at Pund-IT.

“Revelations about widespread, indiscriminate data collection by the NSA and other organizations suggest that public trust was misplaced,” he told the E-Commerce Times. “That the government would consider extending or strengthening what amounts to privacy restrictions in the face of those revelations is tone-deaf in the extreme.”

Quinten Plummer is a longtime technology reporter and an avid PC gamer who explored local news for a few years, covering law enforcement and government beats, before returning to writing about things run by ones and zeros and the people who make them. If it pushes pixels or improves lives, he wants to learn all he can about it.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

Related Stories

E-Commerce Times Channels