Critical Read

How restricting encryption increases cyber risks

keyhole digital

What: "Unlocking Encryption: Information Security and the Rule of Law," a report from the Information Technology and Innovation Foundation.

Why: When the FBI sought to compel Apple to create software that would disable security protections so agents could break into the iPhone used by one of the San Bernardino, Calif., shooters, the move sparked an ongoing dialogue about whether technology companies should be able to supply customers with devices that shield data from law enforcement.

The report's authors, Daniel Castro and Alan McQuinn, argue that encryption should be continually developed and innovated rather than weakened. They call on Congress to pass legislation that would prevent the government from requiring technology providers to create encryption backdoors, ban the National Security Agency from tampering with encryption standards and forbid any federal agency from exploiting security flaws.

At the same time, they want lawmakers to explore the possibility of stiffer penalties for anyone who does not comply with a lawful warrant to disclose encrypted data to law enforcement.

The Senate is set to release legislation to force companies to decrypt data for law enforcement when required by a lawful court order. Additionally, an effort is underway to authorize a commission composed of representatives from law enforcement, the technology industry and academia to examine digital privacy issues and make policy recommendations to Congress.

Verbatim: "U.S. efforts to mandate extraordinary access to encryption products and services will reduce progress in information security systems and serve only to open foreign markets for foreign competitors, as they did in the first crypto wars. The policy of the U.S. government should not be to pick winners and losers by mandating specific technologies. Doing so will actively halt innovation in information security, creating a digital world that is less secure overall. Instead, the United States should stand athwart any attempts to denigrate cybersecurity and should champion strong encryption by promoting a broader strategy for improving cybersecurity around the world."

Read the full report here.

About the Author

Aisha Chowdhry is a former staff writer for FCW.


Featured

  • Contracting
    8 prototypes of the border walls as tweeted by CBP San Diego

    DHS contractors face protests – on the streets

    Tech companies are facing protests internally from workers and externally from activists about doing for government amid controversial policies like "zero tolerance" for illegal immigration.

  • Workforce
    By Mark Van Scyoc Royalty-free stock photo ID: 285175268

    At OPM, Weichert pushes direct hire, pay agent changes

    Margaret Weichert, now acting director of the Office of Personnel Management, is clearing agencies to make direct hires in IT, cyber and other tech fields and is changing pay for specialized occupations.

  • Cloud
    Shutterstock ID ID: 222190471 By wk1003mike

    IBM protests JEDI cloud deal

    As the deadline to submit bids on the Pentagon's $10 billion, 10-year warfighter cloud deal draws near, IBM announced a legal protest.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.