Industry, Government Differ on Where Encryption Leads

(Image: Shutterstock)

(Image: Shutterstock)

Industry leaders and government officials disagree about whether encryption is causing the digital space to “go dark” or makes Internet users safer.

FBI Director James Comey said widespread encryption hinders national security and criminal investigations.

“We should not drift to a place where a wide swath of America is off limits to judicial authority,” Comey said Tuesday at the Symantec Government Symposium in Washington, D.C.

Comey said that security should take precedence over individual privacy in cases where law enforcement needs to be able to decipher sensitive data. When individuals and companies use encryption, corners of the Internet “go dark” and aren’t available to be interpreted by the FBI.

“The shadow is spreading through more and more of the room,” Comey said.

Comey emphasized that law enforcement can access private spaces by obtaining court orders. This creates a balance between individual privacy and security from crime.

“There is no such thing as absolute privacy in America,” Comey said. “Widespread default encryption changes that bargain.”

Nuala O’Connor, president and CEO of the Center for Democracy and Technology, disagreed with Comey.

“He couldn’t be more wrong on encryption,” O’Connor said. “I don’t agree with the argument that we’re ‘going dark.’ ”

O’Connor said it’s actually the “golden age of surveillance, because there are more unencrypted devices in use than ever before. Weak encryption and product defects are not the solution to security.

“What the FBI is asking for is the master key to the building,” O’Conner said.

Jane Holl Lute, director of the Center for Internet Security, believes that privacy and security can coexist if the assumptions about privacy in the digital age change.

“We can limit the ability of the government to intrude in our lives,” Lute offered as the current definition of privacy in the United States. “Security is also about the responsible exercise of power.”

Greg Clark, the CEO of Symantec, said that the increase in encryption has caused more blind spots in security.

“There’s a huge expansion of the problem,” Clark said.

As part of the new Cloud Generation security challenge, Symantec and Blue Coat tackle this issue by managing endpoints and inspecting the encryption for threats.

Encryption can also be turned against companies in cases of ransomware, according to Kevin Haley, director of product management and security response at Symantec. Hackers can disrupt a company’s systems by encrypting its files and forcing them to pay for the encryption key.

Maj. Gen. Sarah Zabel, vice director of the Defense Information Systems Agency, said that one solution to the problems caused by mass encryption is to prioritize the information that needs to be protected and leave alone information that is already widely available.

“Stop trying to protect everything and start focusing on what’s really important,” Zabel said.

One Comment
  1. Anonymous | - Reply
    "Adult conversation" implies that privacy advocates are acting like children in resisting his calls to build vulnerabilities that can be exploited by government agents. He doesn't appear to understand that the mythical government-only backdoor is as fictional as unicorns. There is no such thing. Any backdoor vulnerability is usually the 1st attack vector for hackers. The export grade encryption forced on browsers in the 1990s by government have resulted in numerous exploits and hacks affecting hundreds of millions of devices in this decade. A government-sponsored hacking group can make mince meat of those. There is no such thing as security for some, namely the government's own devices, but not for the public. The US has been losing the cyberwar thanks to the school of thought they he is pushing. He represents those whose job is to break into devices but there is nobody on the other side advocating for whats most important, which is keeping our systems, personal information and intellectual property safe from hackers.

Leave a Reply


Popular

Recent