Tech giants including Apple and Google, along with renowned cryptographers, have sent a letter to the White House, urging the US government to retain strong encryption.
The letter requests that privacy rights are protected, and comes as the US contemplates how to proceed with its surveillance efforts, and as law enforcement becomes increasingly agitated by the increasing use of encryption.
According to the I2 coalition, which has published the letter in full along with the names of all 140 signatories, the main argument put forward by the tech firms is that:
Strong encryption is the cornerstone of the modern information economy's security. Encryption protects billions of people every day against countless threats - be they street criminals trying to steal our phones and laptops, computer criminals trying to defraud us, corporate spies trying to obtain our companies' most valuable trade secrets, repressive governments trying to stifle dissent, or foreign intelligence agencies trying to compromise our and our allies' most sensitive national security secrets.
The timing of the letter is no coincidence – the Obama administration is currently mulling over how it will balance the public’s resistance to surveillance against a clamor for backdoors coming from its own law enforcement agencies, as well as the likes of British Prime Minister David Cameron whose own views on encryption have proven to be somewhat controversial.
Influential Americans have also demonstrated strong views on the topic of encryption recently. Last year FBI Director James Comey expressed concern over the decision from Apple and Google to produce phones that are encrypted by default, something that presents a headache to authorities attempting to access data on a locked device, even if in possession of a warrant.
Speaking at the time, Comey said the authorities were “struggling to keep up” with criminals using such encryption.
US Attorney General Eric Holder called for backdoors to be placed in popular tech gadgets last year, citing concern that encryption could thwart the efforts of law enforcement when attempting to prosecute child sex offenders or find kidnap victims. Holder said the presence of encryption on the latest gadgets was “worrisome” as he appeared to try and guilt-trip companies into granting backdoor access.
Thus far, the legislature has not stepped in and this letter makes it clear that tech companies will not play ball with the federal government unless forced to do so.
Existing legislation – the Communications Assistance for Law Enforcement Act of 1994 (CALEA) – does demand that telecommunications companies make their networks available to wiretaps but doesn’t cover phone hardware or other communications services.
Therefore, any hope of forcing backdoors onto tech companies resides with the White House, which, for now, appears to be sitting firmly on the fence.
When President Obama spoke to re/code in February this year, he appeared to imply that encryption was both good and bad, saying:
I lean probably further in the direction of strong encryption than some do inside of law enforcement. But I am sympathetic to law enforcement because I know the kind of pressure they're under to keep us safe. And it's not as black and white as it's sometimes portrayed.
Now law enforcement and tech companies alike will be looking for a solution as they continue to argue back and forth over the topics of anti-terrorism, crime prevention, privacy and economic security.
As the signatories of Tuesday’s letter say:
The Administration faces a critical choice: will it adopt policies that foster a global digital ecosystem that is more secure, or less? That choice may well define the future of the Internet in the 21st century.
Kevin Bankston, organizer of the letter and policy director of the New America Foundation’s Open Technology Institute, gives more detail as to why he thinks the president should rule against backdoors over at newamerica.org but, tellingly, he also makes a point that will resonate with anyone working in the internet security industry, namely that:
Securing cyberspace is hard enough without shooting ourselves in the foot with government-mandated vulnerabilities.
Did you get that, Mr President?