IT Support and Hardware for Clinics
32.6K views | +15 today
Follow
IT Support and Hardware for Clinics
News, Information and Updates on Hardware and IT Tools to help improve your Medical practice
Your new post is loading...
Your new post is loading...
Scoop.it!

Law Banning Default Encryption Unlikely

Law Banning Default Encryption Unlikely | IT Support and Hardware for Clinics | Scoop.it

Laws rarely, if ever, keep up with technology, but even if they could, the consequences could prove more harmful than the benefits.

That was evident at an April 29 hearing of the House Oversight and Government Reform Subcommittee on Information Technology that addressed the encryption - and security - of mobile devices.

 Upholding civil liberties and civil rights are not burdens. They make all of us safer and stronger. 


Here's the problem the panel addressed that faces law enforcement: Encryption is the default setting for new Apple iPhone and Google Android mobile devices, meaning that law enforcement cannot gain access to encrypted data on the devices even if they have a search warrant. To gain access, the manufacturers would have to create a so-called "backdoor," and give law enforcement a special key to decrypt data on mobile devices. Without such a key, law enforcement could gain access only with the permission of the devices' owners, an unlikely scenario if the encrypted data contains incriminating evidence.

"We call it 'going dark,' and it means that those charged with protecting the American people aren't always able to access the information necessary to prosecute criminals and prevent terrorism even though we have lawful authority to do so," FBI Executive Assistant Director Amy Hess told lawmakers.

Backdoor Benefits

Hess furnished the subcommittee with examples on how accessing data enabled forensics experts to solve crimes, including kidnaping, false rape accusation and murder.


"Today's encryption methods are increasingly more sophisticated, and pose an even greater challenge to law enforcement," she said. "We are seeing more and more cases where we believe significant evidence resides on a phone, a tablet or a laptop - evidence that may be the difference between an offender being convicted or acquitted - but we cannot access it."


Advocates of giving law enforcement a backdoor key include President Obama and FBI Director James Comey. At the Congressional hearing, Suffolk County (Mass.) District Attorney Daniel Conley voiced strong support: "The Fourth Amendment allows law enforcement access to the places where criminals hide evidence of their crimes, once the legal threshold has been met," Conley testified. "In decades past, these places were car trunks and safety deposit boxes; today they are computers and smartphones."

Questioning Motives of Apple, Google

Conley dismissed Apple's and Google's contention that the default encryption they offer on their devices safeguards consumers' privacy.

"Their nominal commitment to privacy rights would be far more credible if they were forbidding themselves access to their customers' interests, search terms and consumer habits, but as we all know, that's not a step they're willing to take," Conley said. "Instead, they're taking full advantage of their customers' private data for commercial purposes while building an impenetrable barrier around evidence in legitimate, court-authorized criminal investigations."


Hess and Conley make a somewhat sound argument. After all, police, with the proper court order, can break into filing cabinets to retrieve evidence. But the rules of the physical world don't always translate well into the virtual one. And other witnesses at the hearing made more compelling arguments for why creating an electronic backdoor is a very bad idea.


"Unfortunately, harsh technical realities make such an ideal solution [a backdoor] effectively impossible, and attempts to mandate one would do enormous harm to the security and reliability of our nation's infrastructure, the future of our innovation economy and our national security," said cryptographer Matthew Blaze, an associate professor of computer and information science at the University of Pennsylvania. "We just can't do what the FBI is asking without weakening our infrastructure."

Undermining U.S. Cybersecurity

Providing a backdoor would undermine America's cybersecurity. "While the FBI would have us believe that law enforcement alone will be privy to our sensitive data, history demonstrates that bad actors will always be ahead of the curve and find an avenue to manipulate those openings," said Jon Potter, president of Application Developers Alliance, a trade group. "As one well-regarded cryptographer said, 'You can't build a backdoor that only the good guys can walk through.'"

Creating a backdoor could potentially cost the American economy billions of dollars in lost business. Kevin Bankston, policy director of the think tank New America's Open Technology Institute, says a backdoor would give foreign users, including corporations and governments that especially rely on the security of technologies, even more incentive to avoid American wares and turn to foreign competitors. "To put it bluntly," he said, "foreign customers will not want to buy or use online services, hardware products, software products or any other information systems that have been explicitly designed to facilitate backdoor access for the FBI or the NSA."

Encryption Mitigates Risks

But the most compelling argument for retaining default encryption that's beyond the reach of law enforcement is that it makes everyone safer, especially on smartphones. "The vast amount of personal information on those devices makes them especially attractive targets for criminals aiming to commit identity theft or other crimes of fraud, or even to commit violent crimes or further acts of theft against the phone's owner," Bankston said.


"By taking this step for their customers and turning on encryption by default," he said, "mobile operating system vendors have completely eliminated the risk of those crimes occurring, significantly discouraged thieves from bothering to steal smartphones in the first place, and ensured that those phones' contents will remain secure even if they are stolen."


It's an argument that can persuade even the most ardent supporters of law enforcement and intelligence agencies. The subcommittee's chairman - freshman Republican William Hurd of Texas, a former undercover CIA agent and cybersecurity strategist, concluded the hearing by opposing offering law enforcement a backdoor. "I hold everyone in law enforcement and the intelligence community to a higher standard," he said. "Upholding civil liberties and civil rights are not burdens. They make all of us safer and stronger."


more...
Jan Vajda's curator insight, May 2, 2015 1:53 PM

Přidejte svůj pohled ...

Scoop.it!

Senate renews plan to ban internet taxes forever

Senate renews plan to ban internet taxes forever | IT Support and Hardware for Clinics | Scoop.it

Do you ever look at your phone bill and wonder, “what the heck are all those fees?” While it’s a natural impulse to blame the mendacity of the phone company, most of those items are there because various governments put them there.

The good news is that federal law bans tax on internet service — meaning that most of us don’t see something like this on our broadband bill.

Well, for now, at least. Due to a quirk in Congress, the current relief from internet taxes is based on a temporary measure that keeps expiring and getting renewed on a short-term basis.

But as The Hill reported Tuesday, a bipartisan group in the Senate, led by John Thune (R-SD) and Ron Wyden (D-Or), wants to change that by passing a law called the Internet Tax Freedom Forever Act.

Those who follow these things may say we’ve seen this movie before, and that Congress has tried and failed to make the internet tax permanent in the past – most recently last December.

This time is likely to be different, however, as the bill appears to be finally decoupled from a more contentious proposal known as the Marketplace Fairness Act, which would have required online retailers to collect state sales tax.

While both measures are broadly related to taxes and the internet, they are are in fact separate issues: one is about taxing ISP connections, and the other is about how state sales tax should apply to online retailers. But in the past, supporters of the latter have tried to tie the two issues together when it came to voting in Congress.

Now that the Internet Tax Freedom Forever Act appears to be up for debate on its own, however, its chances of success seem high given that it enjoys broad bipartisan support.

The measure could, however, get tangled up in the hot button issue of the FCC’s proposal net neutrality, which Republicans want to portray as tax grab. As I’ve explained in the past, such claims — including a “study” claiming a $17 billion tax hit — appear utterly specious but, well, that won’t stop certain grandstanders from touting them anyways.

Finally, it remains to be seen how a permanent ban on ISP taxes would affect seven states (Hawaii, New Mexico, North Dakota, Ohio, South Dakota, Texas, and Wisconsin) that imposed internet taxes prior to October 1, 1998, and have been allowed to skirt the temporary ban because of a grandfather clause.


more...
Ivan Garcia-Hidalgo's curator insight, February 11, 2015 9:31 PM

Senate renews plan to ban internet taxes forever