As we have recently reported there is an ongoing debate in different countries like the US and Great Britain on how much access authorities should have to digital and especially encrypted data. The discussion ranges from digital “front doors” to encrypted data for the NSA – built in by the manufacturers of the corresponding devices and software. To a current letter signed by companies like Apple, Google, Facebook and the like urging President Barack Obama not to support any such plans. At the core it is always about the balance between privacy and the war on crime and terrorism.
Now the US-Senate has passed an NSA reform dubbed “USA Freedom Act” which is supposed to restrict the rights of the Agency. Those had a strong increase in freedom of surveillance due to the “Patriot Act” which was passed after September 11, 2001. The surveillance reform lets the NSA gather data like phone metadata for the next six months. After that the data will be stored at the phone companies and only available upon specific requests. Other rights like those of the FBI that give the authority the possibility to ask companies to hand out certain files are still in place however.
One of those specific rights has now been addressed by two technology experts of the Congress who wrote a letter to FBI-Director James Comey. In this letter they ask him not to “force private sector companies to weaken the security of their products and services by creating a “backdoor” that allows law enforcement to circumvent encryption technology. While they see and recognize the challenge to law enforcement authorities they name three reasons why the FBI should look for other ways to address this problem.
“First, the FBI’s proposal would be a change in the relationship between our government, our citizens, and our private sector. While we recognize that there is a role for the private sector in cooperating with law enforcement to address security threats, this is not the best or most effective way. There is a difference between private companies assisting law enforcement and the government compelling companies to weaken their products to make investigations easier.
Second, any vulnerability to encryption or security technology that can be accessed by law enforcement is one that can be exploited by bad actors such as criminals, spies, and those engaged in economic espionage. It is important to remember that computer code and ecryption algorithms are neutral and have no idea if they are being accessed by an FBI Agent, a terrorist or a hacker. […]
Finally, it is our belief that backdoors can be easily circumvented by terrorists and criminals who can purchase outside encryption applications or communication devices […].” (From the original letter as provided online.)
While this discussion is ongoing in the US, officials like Andrus Ansip from the European Commission have stated that there are no such plans for the EU. Whereas the british prime minister David Cameron implied that he might be thinking about enabling authorities to access encrypted data.
Read here about how Cryptshare CEO Mark Forrest met with british officials and what he thinks about the whole topic.