Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Architecture

Tech Firms, Activists Press US on Encryption

Some 140 tech companies, civil liberties and privacy activists urged the White House Tuesday to pull back efforts to weaken encryption or include law enforcement “backdoors” on technology products.

Some 140 tech companies, civil liberties and privacy activists urged the White House Tuesday to pull back efforts to weaken encryption or include law enforcement “backdoors” on technology products.

The effort marked the latest turn of events in a dispute between Silicon Valley firms and the US government, which is seeking ways to access encrypted phones and other devices to root out criminals and terrorists.

In a letter to President Barack Obama, the signatories urged the administration “to reject any proposal that US companies deliberately weaken the security of their products.”

“Strong encryption is the cornerstone of the modern information economy’s security,” the letter said.

“Encryption protects billions of people every day against countless threats — be they street criminals trying to steal our phones and laptops, computer criminals trying to defraud us, corporate spies trying to obtain our companies’ most valuable trade secrets, repressive governments trying to stifle dissent, or foreign intelligence agencies trying to compromise our and our allies’ most sensitive national security secrets.”

The letter was a response to pleas from the FBI and National Security Agency to allow US law enforcement and intelligence services access to encrypted devices as part of lawful investigations.

Those comments in recent months followed moves by Apple, Google and others to enable encryption of phones and other devices, with the keys only in users’ hands, so the companies would be unable to unlock or provide data even with a court order.

Tuesday’s letter — endorsed by Facebook, Apple, Microsoft, Twitter, Yahoo and other tech firms — argued that there is no way to enable this kind of access without weakening security.

“Whether you call them ‘front doors’ or ‘back doors,’ introducing intentional vulnerabilities into secure products for the government’s use will make those products less secure against other attackers,” said the letter.

“Every computer security expert that has spoken publicly on this issue agrees on this point, including the government’s own experts.”

Kevin Bankston, of the New America Foundation’s Open Technology Institute, said the message is important for the White House to hear as it weighs its response on encryption standards.

“We thought it important to ensure that President Obama heard now a clear and unified message from the Internet community: encryption backdoors are bad for privacy, bad for security, bad for human rights, and bad for business,” he said.

Others endorsing the letter included the American Civil Liberties Union, American Library Association, Electronic Frontier Foundation, Reporters Committee for Freedom of the Press, the Internet Association and more than two dozen academics and security researchers.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Audits

Out of the 335 public recommendations on a comprehensive cybersecurity strategy made since 2010, 190 were not implemented by federal agencies as of December...

Network Security

Attack surface management is nothing short of a complete methodology for providing effective cybersecurity. It doesn’t seek to protect everything, but concentrates on areas...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Endpoint Security

Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.

Incident Response

Implementation of security automation can be overwhelming, and has remained a barrier to adoption

Application Security

Big-game malware hunters at Volexity are shining the spotlight on a sophisticated Chinese APT caught recently exploiting a Sophos firewall zero-day to plant backdoors...

Application Security

Cybersecurity powerhouse Palo Alto Networks on Thursday announced plans to spend $195 million in cash to acquire Israeli startup Cider Security, a deal that...