Latest News

Weak encryption undermines cybersecurity, privacy rights

by Joanne Lee

By Matthew Hamilton

On March 28 the Department of Justice announced that it would drop its case against Apple, stating it had found another way into the device used by the San Bernardino shooter. The case has been used as a symbol for the greater debate over law enforcement access to encrypted communications. Despite the case’s closure, the debate over law enforcement access to encrypted communications has just begun. Lawmakers must realize that forcing companies to place backdoors in their encrypted products should be rejected because it poses no national security benefits, but comes with substantial harms to Americans and the companies they work for.

Backdoors—often touted for their security benefits—actually put tech companies at a great risk of a cyber attack. While the backdoor provides access to encrypted data for the government, the same backdoor is left open to be exploited by cybercriminals. Companies like Google and Microsoft have already been hacked because of backdoors. Even the government itself was a victim of a backdoor cyber attack when the Department of Defense used Juniper Systems software that had a backdoor in it. A coalition of tech companies including Google, Twitter and Facebook have also called on President Barack Obama to end the abusive policy. It is clear that tech companies are being targeted by hackers because of the government’s reckless practice of  placing backdoors into encrypted products.

Tech companies are not the only ones that are hurt by the government’s policy of placing backdoors into encrypted products. Any consumer of a product produced by a U.S. tech company loses their privacy. The United Nations has condemned the practice of placing backdoors into encrypted products specifically because the ability to encrypt data is crucial to protect the privacy of consumers and has also stated that any national security benefits are miniscule in comparison to the impact of stripping citizens of their privacy. It is clear that snatching data directly from servers without the approval of the company, consumer or judicial system is a violation of the privacy of Americans.

Placing backdoors into encrypted products does nothing but hurt every party involved. Thus, the questions arises: why is the policy in place? The answer lies in the unfortunate use of speculative rhetoric meant to scare U.S. citizens into giving up their privacy in hopes of gaining security. Aside from having a questionable moral basis, the use of national security to force acceptance of backdoors into encrypted products is misguided. Not once has a previous or existing backdoor been used to stop a terrorist attack or solve a criminal case. FBI Director James Comey has failed to cite a single case in which a backdoor aided a terrorism or criminal investigation. In every case where criminals used encryption, whether it be the 111 cases of Manhattan District Attorney General Cyrus Vance or the cases brought up by Comey, not once has a backdoor led to the arrest of a criminal. The San Bernadino case only highlighted the uselessness of backdoors. Not only did the police chief of San Bernardino state that the phone of the shooter most likely did not contain any useful information, the Department of Justice was able to find another way into the phone without stripping every citizen of their privacy.

Mandating backdoors costs tech companies cybersecurity while hurting the privacy of Americans. Given the fact that the government and cybersecurity experts cannot cite a single case where backdoors ended up catching a terrorist or preventing a crime, there is no justification for their procurement. That makes backdoors at best unnecessary, but in reality counterproductive on every level of American society.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: