author photo
By Bruce Sussman
Fri | Oct 4, 2019 | 11:44 AM PDT

It is the U.S. government's continuing push for a legally required path through encryption.

This time the push is happening at a special Department of Justice summit on lawful access. 

Lawful Access, as you may know, is how government leaders are framing this debate. The government says it would not abuse a back door built into our technology; instead, this type of thing would only be used for lawful access when a judge approves it.

The stark reality on what total encryption allows

At the summit, Deputy U.S. Attorney General Jeffery A. Rosen delivered key remarks and painted a picture of what is at stake if encryption is allowed to be absolute.

"The title of today's summit is 'lawless spaces.' And that's exactly what warrant-proof encryption creates: bounded-off areas in the digital world that are impervious to the light of scrutiny by the judicial system. Those areas remain dark even when a neutral judge has found that the constitutional balance has been satisfied, and the judge has ordered that sworn law enforcement officers should have access to the specified evidence in order to protect public safety.

Outside the digital world, none of us would accept the proposition that grown-ups should be permitted to mingle in closed rooms with children they don't know in order to groom them for sexual exploitation. Neither would we ever accept the idea that a person should be allowed to keep a hoard of child sexual abuse material from the scrutiny of the justice system when all of society's traditional procedures for protecting the person's privacy, like the Fourth Amendment's warrant requirement, have been satisfied. But in the digital world, that is increasingly the situation in which we find ourselves."

And the Deputy Attorney General also reframed what privacy advocates call back door access in this debate.

"I am not for a moment suggesting that we should 'weaken' encryption.  As we confront the problem of 'warrant-proof' encryption, nobody is calling for secret 'back doors' to communications systems, even though that is often how the issue is misreported. As FBI Director Wray said this morning, law enforcement seeks a front door—that is, access through a transparent and publicly acknowledged system, and only once we have secured the authorization of a court. And we don't want the keys to that door. The companies that develop these platforms should keep the keys, maintaining their users' trust by providing access to content only when a judge has ordered it."

Can we allow lawful access through encryption without weakening it?

This idea of building some sort of "door" (front or back) into our technology leads to a big point of contention between government leaders and those within cybersecurity.

We interviewed Bruce Schneier about the encryption debate before his keynote at SecureWorld Boston, and here is how he frames it, in speaking of the FBI and NSA:

"They have this weird definition of security which means security from everyone except them, which we as technologists can't actually build. And they are pushing for insecure protocols at the same time they're complaining about lack of security.

So yes, we need security. We need trust and that actually means the FBI and NSA are not going to be able to eavesdrop on those systems. And they have to either accept that or be happy with the insecurity. They can't get both.

And yes, I get it that the FBI will have to do a little more work to solve crimes, but the security benefit is more than worth it."

And with that, the encryption debate continues.

Comments