IoT
IoT
IT Leadership // Security & Risk Strategy
News
3/10/2016
03:06 PM
50%
50%
RELATED EVENTS
Core System Testing: How to Achieve Success
Oct 06, 2016
Property and Casualty Insurers have been investing in modernizing their core systems to provide fl ...Read More>>

US Anti-Encryption Legislation Is Imminent: Report 

US Senators Feinstein and Burr are preparing legislation that would punish tech companies that refuse to cooperate with investigators, Reuters reports. French lawmakers recently backed a similar mandate that goes one step further by threatening jail time for execs who don't cooperate with law enforcement.

iPhone Encryption: 5 Ways It's Changed Over Time
iPhone Encryption: 5 Ways It's Changed Over Time
(Click image for larger view and slideshow.)

US senators are preparing legislation that would subject technology companies to a fine if they refuse to comply with court orders to help investigators access encrypted data. Reuters reported on the legislation March 9, citing sources familiar with the ongoing discussions.

Senators Richard Burr (R-NC) and Dianne Feinstein (D-CA), chairman and vice chairman, respectively, of the Senate Committee on Intelligence, may introduce the legislation as soon as next week, according to Reuters. The effort follows the initial approval of similar legislation in France, which cleared the lower chamber of Parliament with a vote of 474 to 32 on March 8.

The US legislation move comes as Apple and the FBI have roused a very public debate over Apple's refusal to unlock the iPhone of one of the San Bernardino, Calif., terrorists. The debate also involves questions as to whether Apple should be required to create software that would behave as a so-called backdoor into locked phones for future investigations.

Gain insight into the latest threats and emerging best practices for managing them. Attend the Security Track at Interop Las Vegas, May 2-6. Register now!

The US legislation will not seek criminal penalties, according to Reuters. French lawmakers, on the other hand, have backed a plan that could include jail time for technology executives who refuse to provide law enforcement with access to encrypted data during a terrorist investigation.

"An amendment providing the new power was submitted by the opposition party The Republicans and, while the government hasn't officially supported the measure, it was included in Justice Minister Jean-Jacques Urvoas's bill to overhaul legal procedures and fight organized crime in the wake of the Nov. 13 terrorist attacks that killed 130 people in Paris," Bloomberg Business reported March 8.

After National Security Agency (NSA) contractor Edward Snowden blew the whistle on US surveillance tactics, the White House shied away from proposing legislation that would force technology companies to cooperate with investigations, Reuters noted. But with the terrorist acts in San Bernardino and Paris, the "issue found renewed life."

(Image: James Anderson/iStockphoto)

(Image: James Anderson/iStockphoto)

In February, Apple enjoyed a brief victory when a Brooklyn judge ruled that Apple didn't need to comply with a government demand that it unlock the iPhone of a suspected New York drug dealer. However, in light of the more prominent court order in California to unlock the iPhone of one of the San Bernardino terrorists, the US Justice Department appealed the Brooklyn ruling March 7.

On March 1, Apple participated in a House Judiciary Committee hearing on the matter of encryption, and in the growing friction between law enforcement and the technology community.

Committee Chairman Bob Goodlatte, in his opening statement that morning, succinctly summed up the challenge: "We must answer this question. How do we deploy ever stronger, more effective encryption without unduly preventing lawful access to communications of criminals and terrorists intent on doing us harm? This now seems like a perennial question that has challenged us for years."

Michelle Maisto is a writer, a reader, a plotter, a cook, and a thinker whose career has revolved around food and technology. She has been, among other things, the editor-in-chief of Mobile Enterprise Magazine, a reporter on consumer mobile products and wireless networks for ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Page 1 / 2   >   >>
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
3/20/2016 | 3:33:09 PM
Re: The real question
So...does that mean AAPL is a buy?  :p
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Ninja
3/20/2016 | 3:32:11 PM
Re: The real question
In Louis Sachar's absurdist children's book Wayside School Is Falling Down, one of the children -- who doesn't want to obey the rules -- is taken aside and asked by a mysterious figure if he'd rather be safe or rather be free.  He chooses free.  From that day forward in the book, to the envy of his classmates, he never has to follow another school rule again and doesn't have to pay attention in class.

I like to think there's a lesson there.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
3/14/2016 | 11:33:45 PM
Re: The real problem
Banacek, that's a great point you make. It's a real shift in mindset that I think has seeped into many people's minds, maybe without them even knowing it. Mine included. I just watched a TV commercial for a local college promoting that they had one of the few computer science programs in the nation certified by the NSA. My first thought? Is that a GOOD thing?
Banacek
50%
50%
Banacek,
User Rank: Ninja
3/13/2016 | 11:48:30 PM
The real problem
The biggest problem our government has with getting public support for such bills is we've completely lost trust of our intelligence agencies, let alone our government, in doing anything to actually protect our rights, privacy, or us. Because once they have the capability, who's going to stop them from using it to expand it from 'terrorists' to 'instigators' like MLK? Or political opponents in order to get key legislation passed. Or to kill their campaign. Or to jus start looking into everyone's communications and documents looking for neer-do-wells.  

I'm sorry to say, but our own government has done more harm to the US people since 9/11 than what was done to us on 9/11, all in the name of 'security' and 'protecting' us.

So what's going to happen when the terrorists start using technology from outside of the US borders? Or start rolling their own cloud-based messaging systems with high-end encryption? Are they going to fine ISIS for not cooperating?
Banacek
50%
50%
Banacek,
User Rank: Ninja
3/13/2016 | 11:33:06 PM
Re: Passing laws to limit encryption...
"And a statute prohibiting such contests would certainly be struck down by the courts as unconstitutional on due process grounds."

Possibly. Possibly not. Or the government could claim any such appeals can only be done in secret court. You know, like how a company can appeal a FISA letter/warrant, to the point you can't even tell anyone you got the warrant, iffy if you can even tell your lawyer.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
3/12/2016 | 10:04:16 PM
Re: The real question
How is this legislation going to compel tech companies? How big of a fine would it need to be to have an impact? Taking a lesson from anti-corruption punishments, what works best is when you start locking up executives. I am not saying I am in any way condoning locking up Apple execs. Just stating an obvious fact, right?
jastroff
50%
50%
jastroff,
User Rank: Ninja
3/12/2016 | 4:46:07 PM
Re: The real question
We all want to be safe AND free - and that's the dilemma

Meantime, terrorists are buying iPhones 
moarsauce123
50%
50%
moarsauce123,
User Rank: Ninja
3/12/2016 | 1:37:31 PM
Pass laws that severely punish rampant abuse by security agencies
A more pressing need is legislation that punishes and jails those responsible for the rampant abuse of power and illegal activities at the three letter security agencies as well as all those in Congress who utterly failed to do their job of proper oversight. THAT is way more needed that bullying companies into giving up all means of protection they provide their customers.

Congresspeople, start doing your job!
jries921
100%
0%
jries921,
User Rank: Ninja
3/11/2016 | 12:51:39 PM
Re: Passing laws to limit encryption...
It is already illegal to disobey a court order.  It is called "contempt of court" and is a jailing offense. But one may contest a court order through the usual appeals process and that is what Apple is doing and should if management believes the order to be illegal.  And a statute prohibiting such contests would certainly be struck down by the courts as unconstitutional on due process grounds.

So given that, it is very unclear from the article what this bill would change.  Theoretically, Congress could bar appeals, but the controversy that would erupt from doing so would likely be deemed hazardous to the political health of members voting for it (and should).  Most likely, this is an attempt to explicitly authorize the sort of demand made of Apple in the San Bernardino case, which Apple is contesting on both statutory and constitutional grounds.  It would not apply to that case as the US Constitution prohibits ex post facto laws, but would apply in future cases.  And it could only override Apple's statutory objections to the order; the constitutional ones would remain.
timwessels
100%
0%
timwessels,
User Rank: Strategist
3/11/2016 | 10:48:23 AM
Passing laws to limit encryption...
Well, for those of you who were around in the 1990s, there was a huge political battle over the rights of ordinary citizens to use cryptography. A well written explation of what transpired in the 1990s was authored by Steven Levy in his book titled Crypto. The short story is the government didn't want citizens to be able to use cryptography, and they lost the political battle to claim that it had the exclusive right to control the use of cryptography.

In the distant past, cryptography was regarded by the state as a military secret.  In World War II, the English government employed cryptographers who broke the German "Enigma Machine" codes, and the U.S. government broke the Japanese military codes.

Governments put a high value on being able to access and decode information, especially the military and spying agencies like England's GCHQ and the U.S. NSA. And thanks to Mr. Snowden, we now understand that these agencies are willing to bend and break the law and violate our Constitutional rights in order to do it.

Curiously, the ACM has just announced that this year's A.M. Touring Award will go to Whitfield Diffie and Martin Hellman, who were pivotal in developing the Public Key Exchange used in Public Key Infrastructure encyrption technology.

Looks like defenders of the right to use encryption will have another political fight on their hands if Senators Feinstein and Barr have their way.

 

 

 

 

 

 
Page 1 / 2   >   >>
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.