Encryption Crackdown – Attorney General Barr Calls for Access to Amrican’s Personal Electronics
US Attorney General William Barr called for increased access to Americans’ personal electronic devices and argued that tech companies should be compelled to give the government backdoors to access citizens’ data. He stated, so called “warrant-proof” encryption tools prevent law enforcement and federal agencies from accessing the information, images, and location data in software and on electronic devices and their apps. Barr spoke last week at Fordham University’s International Conference on Cyber Security in New York, an event coordinated by the US Federal Bureau of Investigations (FBI)
“Encryption provides enormous benefits to society by enabling secure communications, data storage and on-line transactions. Because of advances in encryption, we can now better protect our personal information; more securely engage in e-commerce and internet communications; obtain secure software updates; and limit access to sensitive computers, devices, and networks,“ Barr read from a prepared statement at the International Conference on Cybersecurity in New York City.
Despite the benefits of encrypted communications and secure online shopping, some argue that the trade off is interference for law enforcement and investigations. Without the ability to read information from a device or app, search warrants for electronic devices may not be useful for apprehending criminals. Hence the term, “warrant-proof.”
But building backdoors in software and hardware to allows law enforcement in comes with cyber security risks. The call for police and government agencies access to electronic devices is seen by the opposition an encroaching on civil rights. Many in the cyber security industry view backdoors as a way to undermine strong encryption and hand hackers another way in.
Attorney General Barr Argues for Access to Encrypted Data
Barr accused messaging apps like WhatsApp and Messenger as deploying “irresponsible encryption” rather than acknowledging it as one of the best ways to protect credit card numbers, personal information, and private work communications. Virtual private networks (VPNs) and secure messaging apps are especially needed when using public WiFi that is found at coffee shops, hotels, airports, and other shared internet connections. Of course banning encryption will not stop the rest of the world from using the technology, including criminals. Of course decrypting the information on smartphones, tablets, laptops, and other devices are not the only way to fight crime.
Sen. Ron Wyden, D-Oregon referring to encryption backdoors said that “It will only leave Americans less secure against foreign hackers, and … it will leave Americans less secure against intrusions by an administration that has shown willing to support lawless measures.”
Last month Politico posted that the Trump administration is considering banning encrypted technology if it provides no backdoor access for government agencies or deploys technology that investigators cannot crack. The administration purports that end-to-end encryption lets criminals act without impunity. Senior officials are considering if they should move ahead and ask Congress to make end-to-end encryption illegal.
In 2013, former US National Security Agency contractor turned whistleblower revealed a massive government surveillance programs by the United States and Britain.
Major tech companies in the United States do not all agree with cooperating with the US government’s call for change. They contend that backdoors provide unregulated access to innocent private citizen’s data and also weaken their products making it easier for cyber criminals to gain access. Tech giants, Google and Microsoft, have refused to sell their facial recognition technology to law enforcement agencies. While Amazon shareholders have chosen to sell their surveillance product, called Facial Rekognition, to domestic law enforcement, municipalities, as well as overseas governments.
Federal law enforcement agencies argue that encrypted hardware and software prevents them from obtaining all evidence available. The head butting came to public light in 2015 when Apple refused to crack an iPhone lock screen at the request of police. The crime involved a shooting death and it was believed the phone could give information that could identify the whereabouts of suspects. Apple refused to comply with investigators request to override the phone’s login encryption.
Do Backdoors Create Security Risks
A backdoor is any way into hardware, software, app, or device that allows someone to cirumvent security measures. For exmaple, a backdoor would allow someone to unlock a smartphone without knowing the passcode. A ban on end-to-end-encryption would allow law enforcement and intelligence agents to access data, possibly without a warrant. Making communications and data storage less secure would also make it easier for spies to monitor Americans’ communications and for hackers to steal financial information of private citizens or corporations. Creating backdoors in encryption technologies that are designed for government use by default makes them accessible to anyone who reverse-engineers them. This endangers people and businesses that rely on encrypted communications including corporate trade secrets, people transferring money online, and those hiding from stalkers or abusive relationships.
What is End to End Encryption?
Encryption is the use of technology to block access to the information on an electronic device, software, app or their contents and activity. When data must be transmitted between devices, for example between smartphones to send money or documents, the data is scrambled to prevent anyone other than the intended recipient from reading it. Devices such as laptops, phones, and other devices can be protected with a biometric lock or password which is also considered encryption.
End-to-end encryption provides data security for users by blocking interception by internet service providers, hackers, unauthorized users, or anyone else who may want to see information including law enforcement agencies. In order for a messaging app to be completely secure, it must deploy end-to-end encryption which means the data transmitted by the app is sent from and received by secured devices. All points of the transmission are secure and encrypted along the entire path between devices. If the content is intercepted, it is unreadable due to mathematical algorithms.
Apple, Google, Facebook,and other developers have built end-to-end encryption into many of their products. Messaging apps like WhatsApp, Signal, Apple’s iMessage, WeChat, and Wickr all use end-to-end encryption to safeguard user data. Many messaging apps also allow for payments and money transfers which requires technology companies to ensure protection from hackers.
Michelle writes about cyber security as well as how to protect your data online. She has worked in internet technology for over 20 years Michelle earned a B.S. in Engineering from Rensselaer Polytechnic Institute. She published a guide to Cyber Security for Business Travelers