Critical Read

How restricting encryption increases cyber risks

keyhole digital

What: "Unlocking Encryption: Information Security and the Rule of Law," a report from the Information Technology and Innovation Foundation.

Why: When the FBI sought to compel Apple to create software that would disable security protections so agents could break into the iPhone used by one of the San Bernardino, Calif., shooters, the move sparked an ongoing dialogue about whether technology companies should be able to supply customers with devices that shield data from law enforcement.

The report's authors, Daniel Castro and Alan McQuinn, argue that encryption should be continually developed and innovated rather than weakened. They call on Congress to pass legislation that would prevent the government from requiring technology providers to create encryption backdoors, ban the National Security Agency from tampering with encryption standards and forbid any federal agency from exploiting security flaws.

At the same time, they want lawmakers to explore the possibility of stiffer penalties for anyone who does not comply with a lawful warrant to disclose encrypted data to law enforcement.

The Senate is set to release legislation to force companies to decrypt data for law enforcement when required by a lawful court order. Additionally, an effort is underway to authorize a commission composed of representatives from law enforcement, the technology industry and academia to examine digital privacy issues and make policy recommendations to Congress.

Verbatim: "U.S. efforts to mandate extraordinary access to encryption products and services will reduce progress in information security systems and serve only to open foreign markets for foreign competitors, as they did in the first crypto wars. The policy of the U.S. government should not be to pick winners and losers by mandating specific technologies. Doing so will actively halt innovation in information security, creating a digital world that is less secure overall. Instead, the United States should stand athwart any attempts to denigrate cybersecurity and should champion strong encryption by promoting a broader strategy for improving cybersecurity around the world."

Read the full report here.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • Cybersecurity

    DHS floats 'collective defense' model for cybersecurity

    Homeland Security Secretary Kirstjen Nielsen wants her department to have a more direct role in defending the private sector and critical infrastructure entities from cyberthreats.

  • Defense
    Defense Secretary James Mattis testifies at an April 12 hearing of the House Armed Services Committee.

    Mattis: Cloud deal not tailored for Amazon

    On Capitol Hill, Defense Secretary Jim Mattis sought to quell "rumors" that the Pentagon's planned single-award cloud acquisition was designed with Amazon Web Services in mind.

  • Census
    shutterstock image

    2020 Census to include citizenship question

    The Department of Commerce is breaking with recent practice and restoring a question about respondent citizenship last used in 1950, despite being urged not to by former Census directors and outside experts.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.