Congressional report: We shouldn’t bother with encryption backdoors
A new report from House lawmakers rejected the notion of Congress inserting backdoors into encryption, asserting that weakening encryption runs contrary to national interest.
While lawmakers acknowledged that popular encryption impacts law enforcement and intelligence work, the group emphasized encryption’s importance for national defense, individual privacy, freedom of speech, human rights and protection against government intrusion abroad and at home.
Responding to law enforcement assertions that popular encryption was leading to a problem of data “going dark,” the congressional group countered that “the challenge appears to be more akin to ‘going spotty.'”
“Congress should not weaken this vital technology because doing so works against the national interest. However, it should not ignore and must address the legitimate concerns of the law enforcement and intelligence communities,” the report reads.
The bipartisan report comes exactly one month before President-elect Donald Trump takes office. Trump touted his support for backdoors on the campaign, including calling for a boycott of Apple if they didn’t help the FBI unlock an iPhone tied to the San Bernardino shooter. The report is a direct result of the fight between Apple and the FBI, as well as the wider fight over encryption that was fought on Capitol Hill earlier this year.
Proponents of strong encryption were quick to applaud the report.
“Today’s report from the bipartisan Congressional working group on encryption supports what OTI has been saying for the past two years: forcing U.S. companies to refrain from offering strongly encrypted products or to introduce surveillance “backdoors” into those products would not make us safer but would instead threaten everyone’s cybersecurity as well as America’s economic security,” said Kevin Bankston, Director of New America’s Open Technology Institute. “We hope that this report sends a strong signal to Sens. Burr and Feinstein and anyone else on Capitol Hill considering legislation that would undermine encryption: the House committees that have jurisdiction over this issue are not interested in moving forward with any wrongheaded backdoor bill.”
The group encouraged Congress to explore new options like “opportunities for collaboration between the law enforcement community and the technology sector and information sharing between different elements of the law enforcement community.”
Quiet cooperation is indeed the preferred method of collaboration between Silicon Valley and Washington D.C. The report highlights the willingness of private sector firms to assist law enforcement and intelligence efforts with access to information but it fails to address specifics. In fact, that’s one of the advantages of “quiet” cooperation. At the heart of the 2016 conflict between the FBI and Apple was FBI director James Comey’s decision to go public, forcing Apple to emphatically defend their position.
The congressional group also points to metadata analysis as a necessary next step. Legal hacking to circumvent encryption was also posed as a potential solution to be explored although almost all both law enforcement and private sector representatives had qualms: Cops said hacking only applied to a small subset of cases where officers know of an exploit and, even then, it’s resource-intensive. Others assert that “a legal hacking regime creates the wrong incentives for government agencies that should be working with private companies to patch vulnerabilities and improve cybersecurity.”
The group still urged Congress to explore the option.
The report also suggests Congress look at compelled disclosure and how law enforcement can force suspects to open devices without breaking the law.
[documentcloud url=”http://www.documentcloud.org/documents/3244014-20161220EWGFINALReport.html” sidebar=false text=false pdf=false]