DOJ formalizes request for encryption back-doors
The US Department of Justice, in conjunction with the "Five Eyes" nations, has issued a statement asking Apple and other tech companies to effectively create backdoors that will weaken encryption strength overall to provide law enforcement access to data.
In a statement released on Sunday by the US Department of Justice, the "International Statement: End-to-End Encryption and Public Safety" is a continuation of the long-running encryption debate. In the latest salvo in the ongoing war, representatives of governments from multiple countries are demanding access to encrypted data for the sake of sexually exploited children.
The lengthy statement demands tech companies "embed the safety of the public in system designs" relating to encryption, to enable companies to "act against illegal content and activity effectively with no reduction to safety," while enabling law enforcement to do its job. This includes enabling law enforcement officials "access to content in a readable and usable format where an authorization is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight."
In effect, the group is asking for access to encrypted data via some form of backdoor meant just for law enforcement, while still keeping it secure to prevent access by hackers and other online criminals.
The group claims it is working with the tech industry to "develop reasonable proposals that will allow technology companies and governments to protect the public and their privacy, defend cyber security and human rights, and support technological innovation."
Though it does agree that "data protection, respect for privacy, and the importance of encryption as technology changes and global Internet standards are developed remain at the forefront of each state's legal framework," it also wants to "challenge the assertion that public safety cannot be protected without compromising privacy or cyber security."
"We strongly believe that approaches protecting each of these important values are possible and strive to work with industry to collaborate on mutually agreeable solutions," the statement concludes.
The statement is signed by US Attorney General William Barr, UK Secretary of State for the Home Department Priti Patel, Australian Minister for Home Affairs Peter Dutton, and other representatives for Canada, India, Japan, and New Zealand.
This has led to a repeated refrain from law enforcement and governments that technology companies should instigate some form of backdoor into their systems to allow access to law enforcement. The same governments also believe it is possible to enable access while keeping encryption secure.
Critics respond by insisting there's no way you can add a backdoor to encryption without weakening encryption itself. The general belief is that bad actors would simply try to attack the backdoor itself to see data instead of trying to beat the encryption directly.
An earlier example of this sort of governmental demand is the UK's MI5 chief Sir Andrew Parker, who urged for more assistance in gaining access to encrypted communications. The February comments by Parker were part of a documentary, which saw the security head tell government ministers it wasn't possible to halt every terror plot, due to a limited capability to see online communications.
The fight against online child sexual abuse angle has previously been deployed by Barr, speaking alongside representatives from Australia, Canada, New Zealand, and the UK in March. That declaration steered clear of mentioning backdoors, but the sentiment to do so was still evident.
For Apple, its use of on-device encryption has led to very public disagreements with the US government, such as presidential demands to unlock iPhones used by criminals, like the Pensacola shooter.
The FBI has also made public calls for Apple to provide backdoors, but following its own breaking of iPhone security, such calls should have ended.
The public fight for encryption and the resistance to break it has led to lawmakers working to introduce laws to force the matter. In June, a Republican bill was introduced to the Senate to try and weaken encryption by ending the use of "warrant-proof" encrypted technology.
In a statement released on Sunday by the US Department of Justice, the "International Statement: End-to-End Encryption and Public Safety" is a continuation of the long-running encryption debate. In the latest salvo in the ongoing war, representatives of governments from multiple countries are demanding access to encrypted data for the sake of sexually exploited children.
The lengthy statement demands tech companies "embed the safety of the public in system designs" relating to encryption, to enable companies to "act against illegal content and activity effectively with no reduction to safety," while enabling law enforcement to do its job. This includes enabling law enforcement officials "access to content in a readable and usable format where an authorization is lawfully issued, is necessary and proportionate, and is subject to strong safeguards and oversight."
In effect, the group is asking for access to encrypted data via some form of backdoor meant just for law enforcement, while still keeping it secure to prevent access by hackers and other online criminals.
The group claims it is working with the tech industry to "develop reasonable proposals that will allow technology companies and governments to protect the public and their privacy, defend cyber security and human rights, and support technological innovation."
Though it does agree that "data protection, respect for privacy, and the importance of encryption as technology changes and global Internet standards are developed remain at the forefront of each state's legal framework," it also wants to "challenge the assertion that public safety cannot be protected without compromising privacy or cyber security."
"We strongly believe that approaches protecting each of these important values are possible and strive to work with industry to collaborate on mutually agreeable solutions," the statement concludes.
The statement is signed by US Attorney General William Barr, UK Secretary of State for the Home Department Priti Patel, Australian Minister for Home Affairs Peter Dutton, and other representatives for Canada, India, Japan, and New Zealand.
History repeating itself
The statement is the latest attempt by governments to try and gain access to data that is protected by encryption, which includes versions such as end-to-end encryption that are extremely difficult to monitor. By being able to access encrypted content, investigators would be able to monitor for illegal activity, and potentially gain evidence that could result in the prosecution of criminals.This has led to a repeated refrain from law enforcement and governments that technology companies should instigate some form of backdoor into their systems to allow access to law enforcement. The same governments also believe it is possible to enable access while keeping encryption secure.
Critics respond by insisting there's no way you can add a backdoor to encryption without weakening encryption itself. The general belief is that bad actors would simply try to attack the backdoor itself to see data instead of trying to beat the encryption directly.
An earlier example of this sort of governmental demand is the UK's MI5 chief Sir Andrew Parker, who urged for more assistance in gaining access to encrypted communications. The February comments by Parker were part of a documentary, which saw the security head tell government ministers it wasn't possible to halt every terror plot, due to a limited capability to see online communications.
The fight against online child sexual abuse angle has previously been deployed by Barr, speaking alongside representatives from Australia, Canada, New Zealand, and the UK in March. That declaration steered clear of mentioning backdoors, but the sentiment to do so was still evident.
For Apple, its use of on-device encryption has led to very public disagreements with the US government, such as presidential demands to unlock iPhones used by criminals, like the Pensacola shooter.
The FBI has also made public calls for Apple to provide backdoors, but following its own breaking of iPhone security, such calls should have ended.
The public fight for encryption and the resistance to break it has led to lawmakers working to introduce laws to force the matter. In June, a Republican bill was introduced to the Senate to try and weaken encryption by ending the use of "warrant-proof" encrypted technology.
Comments
- Was illegal
- Did not stop a single terrorist attack
- And, (the best bit) U.S. Intelligence leaders who defended it were not telling the truth, and it was proper for Edward Snowden to expose these activities.
How could anyone in good faith believe or trust that the sorts of changes the government are barracking for would have any meaningful effect on crime over other investigative methods, would not be abused, would be truthfully represented to the public and all at the total compromise of the individual's privacy and security.
The obvious answer is that it won't - and the representations currently being made by the government already indicate that the request is not being truthfully represented.
First, again don't you understand that backdoor is way too dangerous for us as people and you, the "Five Eyes". I don't fucking think so that y'all want to access to our sensitive personal private. It doesn't MATTER I repeat, MATTER if you promise that the backdoor will be under heavy security... Hacker and the bad guy can find a way to steal our private data. Sorry but no, we are NOT allowed anybody from install backdoor in our companies operation system. There is five words for you to listen very careful: The Backdoor is UNCONSTITUTIONAL, PERIOD. If y'all decided to create the law to demand access to backdoor into our device, y'all will face our lawsuit against AG, Trump Administrator and other federal stuff in the Supreme Court of the United States. I'm sure Apple will REFUSED to comply federal mandatory to access their products just like Apple bravely did in one of those courts.
Second, you, William Barr, the US Attorney General: You take this bill and law shove it up your ass!
Third of all, again, let us, American Citizen tell you something:
FUCK OFF and shove it.
Sincerely,
American Citizens
The day they get a back door- that they will routinely abuse - George Orwell’s Telescreen will be your phone. Law enforcement wants full access to everything and no accountability.
If they havre a back door into your device they will also have the ability to plant things in it. We all know dirty cops plant “evidence” - it is done every day somewhere. So they can use the access to plant damning “evidence” against you.
No thanks.
After that, back to end-to-end encryption.
Also, I want to see evidence after a year about what criminal or terrorist activity has been curtailed due to the government back door.
If the government can't clearly demonstrate that their back door has proven efficacious, they shouldn't be allow to keep it.
Basically this means that they should have to prove that a back door yields positive, tangible results - if they can't do that, they shouldn't have the continued ability to invade our privacy. This should be written into the legislation making this a requirement.
If they can't get such legislation passed, they can go pound sand. We are after all, a society of laws and not a kingdom of decrees.
https://www.nytimes.com/2010/09/27/us/27wiretap.html?pagewanted=1&_r=1&hp
https://www.washingtonpost.com/world/national-security/tech-giants-urge-obama-to-resist-backdoors-into-encrypted-communications/2015/05/18/11781b4a-fd69-11e4-833c-a2de05b6b2a4_story.html
I was commenting on 10 years of federal guidance and desires in regards to citizens' use of encryption.