Encryption: FBI and U.S. Justice Department appeal to congress
Wed 8 Jul 2015
FBI director James Comey joins Deputy Attorney General Sally Yates in an appeal to congress today regarding their concerns – which mirror those of many other security and enforcement agencies – about the recent technological trend towards secure encryption.
The attorney general will say “The current public debate about how to strike the careful balance between privacy rights and public safety has at times been a challenging and highly charged discussion,”
The clear spike in that charge set in late last summer with the release of Apple’s iOS8 mobile operating system, which instituted a ‘zero knowledge’ encryption policy making it impossible for the company to comply with disclosure orders from investigative bodies – since only the end user is able to unlock the information.
Apple were not the first to institute ZK in a popular device, with various iterations of the Android operating system offering the feature prior to the iOS8, but the move represented a clear turn at the highest consumer towards placating the security concerns of a post-Snowden public.
The testimony to congress is the latest rejoinder in an ever-spiralling ethics match between industry players who espouse the adoption of strong security as a positive move in a volatile period for cyber-security, and the investigative agencies – including the FBI, NSA and various police authorities – who protest that their powers to prevent harm to individuals and institutions is hampered by the potential roadblocking of data taps.
It comes a month after an open letter to Barack Obama’s administration from a consortium of influential tech companies which included Microsoft, Facebook, IBM and Apple. The letter urged that the administration not to pursue ‘any policy or proposal that would require or encourage companies to weaken [encryption] technologies, including the weakening of encryption or creating encryption ‘work-arounds’,’
The appeal to congress was preceded yesterday by the publication of a new report [PDF] by high-level security experts, including Bruce Schneier, which argued that introducing government-accessible ‘back doors’ in encryption protocols is not only unworkable at a technical level but also impractical from the point of view of political relationships between countries.
If the Obama administration’s efforts to compromise consumer-level security – in order to have ad hoc investigative access to suspects’ data streams – succeed, it would be the first time that a government has attempted to embed eavesdropping capability in established technological infrastructure since the advent of the doomed ‘clipper chip’ in the late 1990s – an initiative to provide ‘extra’ encryption keys to government authorities in general communications hardware at a systemic level, and one which was ultimately foiled by arguments about the costs involved, the practicalities of securing the ‘special’ keys and the advent of the dotcom boom.