Homeland Security Committee Thinks Backdoors Are Bad, But Encryption Still A Problem The Government Needs To Fix
from the one-half-logic,-one-half-Comey dept
The House Homeland Security Committee has decided to weigh in on the encryption debate with the release of a report [PDF] entitled "Going Dark, Going Forward." Despite the use of Comey's pet term for the increasing deployment of encryption by service providers and device makers, the committee points out backdoors are a terrible way to address the problem.
Initially, lawmakers and some among law enforcement personnel believed the solution was simple: statutorily authorize law enforcement access to obtain encrypted data with a court order. Unfortunately, this proposal was riddled with unintended consequences, particularly if redesigning encryption tools to incorporate vulnerabilities—creating what some refer to as “backdoors”—actually weakened data security. Indeed those vulnerabilities would naturally be exploited by the bad guys—and not just benefit the good guys.
However, it also does not specifically take encryption backdoors off the table. As any good committee would, it suggests the solution lies with the formation of another committee and the generation of studies and reports.
Thus, in our estimation, the best way for Congress and the nation to proceed at this juncture is to formally convene a commission of experts to thoughtfully examine not just the matter of encryption and law enforcement, but law enforcement’s future in a world of rapidly evolving digital technology.
So far, so bureaucratic. The ordering of the formation of a commission (to be called the "National Commission on Security and Technology Challenges") is the tentative step forward -- one that will last an entire year. After that, the discussion of encryption backdoors can resume.
The Committee ordering the formation of a commission also has the unfortunate tendency to portray the government in a rosy glow it certainly hasn't earned.
Congress and the American people have always sought to strike the right balance between the rule of law and individual liberty. Several examples illustrate this point, including debates surrounding the development of a robust anti-money laundering regime in online and in-person banking in the 1980s and 1990s; the Communications Assistance for Law Enforcement Act in the early 1990s; the appropriate use of “roving wiretaps” in response to the widespread adoption of mobile communications in the early 2000s; and current discussions on the proper role of commercial drone technology in public and private arenas.
Even if you ignore the fact that the "debate" surrounding CALEA mostly involved legislators listening to law enforcement lobbying (with compromise only resulting because telcos had similar lobbying weight) and the ongoing secrecy over government surveillance drone use, there's the part about "roving wiretaps." The "debate" that took place here was the result of a secret program being uncovered years after it went into effect. It had nothing to do with the government engaging with citizens prior to granting the NSA and FBI this power.
The House Committee also shows an unfortunate tendency to defer to Comey's encryption assertions. It goes so far as to echo his talking points that have no basis in reality.
In later testimony, Comey further commented, “There is no doubt that the use of encryption is part of terrorist tradecraft now because they understand the problems we have getting court orders to be effective when they’re using these mobile messaging apps, especially that are end-to-end encrypted” [emphasis added]. Indeed, the perpetrators of terrorist attacks in Garland, Texas, Paris, France, and San Bernardino, California, in 2015 all exploited encrypted communications.
The last two attacks listed uncovered no use of encryption. The Paris attackers used normal, unencrypted SMS and the notorious San Bernardino iPhone was eventually cracked by a third party, but revealed nothing of importance after being examined.
It's about as even-handed as one can expect from a committee that still believes there's an "honest conversation" to be had about a subject FBI Director James Comey refuses to discuss honestly. It notes that most countries people consider to be free (mainly Western European) have shot down encryption backdoors, even in the wake of terrorist attacks. The countries where governments have demanded backdoors are no one's idea of civil liberties paradises -- like China and Iran. Presented this way, there's a strong suggestion that the US government shouldn't come down on the side of countries whose human rights records are, at best, highly questionable. That should help keep the conversation more "honest," at least.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: backdoors, congress, encryption, going dark, homeland security
Reader Comments
Subscribe: RSS
View by: Time | Thread
How badly do they have to fail before realize that trying to spy on everybody does not make society any safer, but rather encourages people with a grudge against the authorities to stay silent and plot their revenge.
[ link to this | view in chronology ]
Re:
"Stop shooting black guys that are no threat"
Encryption is irrelevant. It will be trotted out of course...
[ link to this | view in chronology ]
Re: Re:
BLM is racist and has now escalated the problems. BLM vs the Police will become a self fulfilling prophecy on both sides now. Each seem to be planning on seeing to that.
[ link to this | view in chronology ]
Re: Re: Re:
BLM is racist? What twisted logic Breitbart "journalism" have you been reading?
[ link to this | view in chronology ]
Re: Re: Re: Re:
[ link to this | view in chronology ]
Re: Re: Re: Re: Re:
That is not what BLM is about. It's about the right to be treated with the same consideration as everybody else. That's why it's called "Black lives matter," not "Black lives better." It's about highlighting the unfair treatment and prejudice that Black people are subjected to on a daily basis. https://en.wikipedia.org/wiki/Black_Like_Me gives a basic idea of what it's like.
This is like using the popular stereotype that right-wing radicals are inherently bad people while left-wing radicals are just fine whatever they do.
Extremism is harmful; I've got no time for it from either side of the aisle. I take hard-left socialists apart with as much vigour as I do far right wingers. Basically, I hate being told what to do by people who don't care about me. Here's the thing; many people on the right see moderate centrism as left wing. It's not. Heck, they see Hillary Clinton as left wing when she's actually a fascist.
[ link to this | view in chronology ]
Re: Re: Re: Re: Re: Re:
I agree with one take on the name, which is that it's sad that it wasn't called something like Black Lives ALSO Matter. While most people get what the organisation is about, and that it's trying to counter the feeling that black lives often mean less that others, some people can't get past the name. They assume that instead of "also", it actually means "only". So, they see it as a racist group trying to get black people preference, rather than trying to battle against the worse treatment that they get every day.
But, the same people who think that tend to be kind of ignorant souls who think that equal rights for homosexuals means they want some kind of special treatment or that freedom from religion means war on Christianity or other such idiocy. So, we shouldn't be surprised that they hear "give us more" when they say "give us the same".
[ link to this | view in chronology ]
...because they're also part of everyday life for non-terrorists. Increasingly so, since the government's illegal activities around unencrypted communications were known.
Funny how that's always left out.
[ link to this | view in chronology ]
...exploited by the bad guys
[ link to this | view in chronology ]
Regulation
[ link to this | view in chronology ]
Regulation
[ link to this | view in chronology ]
[ link to this | view in chronology ]
There are no good guys
Unless there is a warrant, there are no good guys accessing encrypted communications.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Let's not forget it was the CALEA backdoor in the Vodafone network that was used by some still unknown party to spy on several Greek government officials.
Let's also note that not one of those examples was the '90s encryption debate in which the "other side" - the technologists - won, in part due to Skipjack and the Clipper Chip, a poignant demonstration that the government simply isn't capable of building a "secure, good-guy only backdoor".
Even if you buy the assertion that the cops are the good guys, every backdoor built into the systems has been used at least once (that we know of) by the "bad guys".
How many times do we have to drum this into their heads? Backdoors make everyone less safe.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Everyone, is a suspect in their eyes now. If you do not keep your head down and move along you MUST be up to something.
[ link to this | view in chronology ]
simple solution
Not allowed
[ link to this | view in chronology ]
[ link to this | view in chronology ]
One quick thing ...
The 2015 Paris attacks used burner cell phones, not encryption.
[ link to this | view in chronology ]