The FBI claims that the United States would be safer if the bureau had access to encrypted cellphones during investigations. However, a recent survey by The Washington Post‘s Cybersecurity 202 showed opposition to the FBI’s demand that device and software makers give law enforcement a built-in way to access encrypted data with a warrant. More than 100 digital security experts were surveyed, and 72 percent disagreed with the FBI’s assertion they have a “back door”.
“The idea of the ‘golden key’ — access that only the ‘good guys’ can use — is a myth,” Jamie Winterton, director of strategy for Arizona State University’s Global Security Initiative, told The Washington Post. “Once that access has been created, it could be used by the FBI, or it could be used by foreign adversaries.”
“It boils down to liberty versus security, and I vote on the site of liberty,” said James D. Pompilio, Vice President of Security & Infrastructure at Garnet River. “People say they’ve lost all privacy, but if they’ve lost all privacy, it’s because they’ve chosen to give away and share their information.”
People need to have confidence in the security of the product they’ve purchased, if that’s part of the product’s purpose, Pompilio added. “If there is a back door that gets around the security, then the company may as well get out of that business.”
Mike Donnelly, Technical Architect and Systems Administrator at Garnet River, speculated on government conspiracy theories. “Who would the FBI share someone’s private information with?” he asked.
NEWS: Former employee of Israeli cybercompany NSO indicted after attempting to sell a hard drive containing spyware code for $50 million on dark web. Full story on haaretz.com.
While 72 percent of those surveyed disagreed with the FBI, Charles Brooks is among the 28 percent who agreed with the bureau. Brooks is a cybersecurity strategist at General Dynamics Mission Systems and a former legislative director of the Department of Homeland Security’s Science and Technology directorate. “When dealing with a potential terrorist threat, speed and accuracy to circumvent those threats are critical,” Brooks said in The Washington Post article. “Data on a cellphone could provide timely and lifesaving options. There is a balance between privacy and security, but protocols can be worked out by circumstances and scenarios.”
Brooks and some other experts said that threats posed by terrorists and other criminals who use encryption to conceal their activities outweighed consumer security and privacy concerns.
Pompilio compared digital privacy to personal privacy in the home, noting that most people lock their doors and close blinds at night.
The FBI would have an easier time with “unfettered access to encrypted communications,” said Melanie Teplinsky, an adjunct professor at American University’s Washington College of Law and former National Security Agency analyst. But there would be a serious cost, she said: “We can build back doors for FBI access, but back doors would weaken security at the very moment we should be fortifying it against an array of sophisticated cyberthreat actors including criminal syndicates and nation-state actors engaged in espionage, cyber sabotage, and/or influence operations.”
What’s your stance on the debate?
For historical perspective on the debate, read Michael D. Weisberg’s analysis. Mr. Weisberg, CISSP, is Vice President, Information Security and Assurance Services, at Garnet River.