X

Obama Lightens Up on Encrypted Data Law

Summary: The Obama administration has relented in its efforts to gain access to user smartphones, but many think the debate isn’t over yet.

Those in favor of technology privacy are praising President Obama for the administration’s decision not to seek new legislation that guarantees government access to encrypted information on computers, mobile phones, and other such devices, even though many companies know that the government has not completely given up on obtaining such data.

According to Bloomberg, parties on both sides of the issue expect the dialogue to continue. U.S. officials have stated that they expect full cooperation from technology companies, who may be compelled to turn over certain data by court order. Many technology companies, including Apple, have argued they do not want to become an extension of the government, extracting and turning over customer data.

The New York Times explains that, with the access the U.S. government desired, messages, photos, and other data that is routinely encrypted on smartphones would have been accessible.

Last year, Google released end-to-end email encryption software.

Chris Wysopal, the co-founder of Veracode Inc., a security firm in Massachusetts, says, “This is a big win for tech companies.” He noted that history implies that “when the government presses for more access, tech firms counter and built in more and stronger encryption controls. I don’t expect this cycle to stop.”

FBI Director James Comey told senators on Thursday that the White House will not seek encryption-related legislation. Instead, it will maintain “increasingly productive” discussions with companies about reducing the risks to national security and law enforcement.

Many companies and organizations, such as the American Civil Liberties Union, vehemently opposed the legislation, The Hill adds. Over the summer, the four proposals the White House made for access to encrypted data were all dismissed after so many opposed the idea.

Loading ...

For some companies, such as Google and Apple, allowing direct access to source code, encryption keys, or servers would be an encroachment on customers’ privacy, and could expose data to hackers.

Comey says, “We’re not looking for volunteers, not looking to sneak in anywhere.” It is important to make sure that companies “get to a place technologically, legally where we could get you to comply with court orders.”

The Obama administration is currently trying to work with companies to compromise on data access for law enforcement “without weakening our commitment to strong encryption,” National Security Council spokesman Ned Price says.

The Justice Department also wanted Apple’s iMessage chat logs.

According to Wysopal, the feds suggested similar measures two decades ago when they proposed adopting the Clipper chip, which was a microcircuit the National Security Agency developed as an encryption device. The chip also had backdoor capability to allow law enforcement access for security reasons. It was first introduced in 1993, but by 1996 it was considered defunct due to negative reception from both manufacturers and consumers.

Many cybersecurity experts and technology companies were against the proposed backdoors from the start. Many thought the changes would never amount to anything, due to the damage American exports could suffer.

Many technology companies in Silicon Valley have taken a different approach. In attempts to fight against allegations made by Edward Snowden that they helped NSA surveillance, many companies have jumped at the opportunity to demonstrate features that keep hackers away. For example, Apple stated that iPhones would automatically encrypt data, and that the company could not help the government obtain the stored information.

However, one gap in the argument is that the information most popularly sought by law enforcement, including photos, call logs, e-mails, and texts, is legally obtainable with court orders, no matter what level of encryption is present on a device.

Another issue is the underlying purpose of most of Silicon Valley’s data encryption practices. As a general rule, Silicon Valley is more concerned with protecting corporate intellectual property than protecting end users from surveillance.

User data is also extremely valuable. Many companies store data so they may later use it to improve their services, sell ads, and get to know their users. Once data is stored it may be obtainable by the government.

The U.S. Attorney General and the FBI have pressured technology makers to create encryption backdoors for some time now. There has also been much debate over how much information companies can mine and store for business purposes, and how much access the government and law enforcement agencies have to such information.

Last year, Microsoft was fighting the government in three different websites.

Apple CEO Tim Cook has stated on multiple occasions that the company is in the product business, not the data business. One insider claims that encrypting the iPhone was motivated by a desire to protect privacy and stop law enforcement from sending an increasing number of devices to Apple for help unlocking the phones.

Bruce Schneier, the chief technology officer at cybersecurity firm Resilient Systems, Inc., formerly known as CO3 Systems, predicts that the government will continue to quietly try to obtain access to devices and their information.

He explains, “It’s been an issue since the mid-1990s, and it’s not going away because some president somewhere got momentarily sensible. I don’t believe for a minute that the pressure, overt or covert, is going to lessen.”

Source: Bloomberg

Photo credit: govtechworks.com

Noelle Price: