Hands Off Americans' Private Information, Tech Industry Tells President
Major companies oppose government end-runs around encryption

Last September, Scott Shackford asked, "What does it say about the state of Americans' relationship with their own government that its largest tech company can use the ability to conceal private information from authorities as a selling point?" He referred to plans voiced by both Apple and Google to encrypt smartphones by default so that only the owners would have access to stored data. Previously, Google offered encryption as an option, and Apple retained some access to devices it sold. With growing concern over government snooping post-Snowden, improved privacy has become a very desirable feature for many people. Needless to say, the federal government has not been happy about the tech giants' stance.
"What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law," FBI Director James Comey whined in response to Apple's and Google's announced plans.
Months later, during a Senate hearing, Secretary of Homeland Security Jeh Johnson complained that "the marketplace is demanding deeper and deeper encryption into places where the warrant authority of the government does not extend." He added that "with encryption there are communications…records of which are simply not being maintained because of the added security that is being put in place because of the privacy demands that exist in the marketplace."
For their part, tech companies continue their push for strong encryption, most recently with a letter to the president warning about the danger to America's economy and people's liberties "[s]hould the U.S. government require companies to weaken encryption technology."
The commercial fallout of surveillance fears to American companies, a study finds, could be as high as $35 billion.
Sen. Rand Paul (R-Ky.) and Rep. Ted Lieu (D-Calif.) are among the handful of legislators who also slapped back at intrusive officials, pointing out that the government helped create demand for privacy products with its own actions. And there is demand for privacy. One in three Americans make some effort to hide their data from prying eyes—the government in particular. A new Gallup poll finds that Americans continue to prioritize civil liberties over "anti-terrorism" efforts by more than a two-to-one margin.
The public just doesn't share government officials' preference for security over freedom. By and large, people are not ready to compromise due process, privacy, or freedom of speech in the name of some search for imaginary threats by overbearing law enforcement officers, intrusive intelligence snoops, or power-hungry U.S. Attorneys.
In keeping with their customers' priorities, tech companies have also pushed back against the government. A letter sent yesterday to President Obama by the Information Technology Industry Council and the Software & Information Industry Association cautions, in part:
We are opposed to any policy actions or measures that would undermine encryption as an available and effective tool. As you know, encryption helps to secure many aspects of our daily lives. Encryption is an essential asset of the global digital infrastructure, enabling security and confidentiality for transactions as well as assurances to individuals that their communications are private and information is protected. For example, the rapid growth in online commerce would not have happened but for consumers' trust that their payment information is secure. Consumer trust in digital products and services is an essential component enabling continued economic growth of the online marketplace.
Accordingly, we urge you not to pursue any policy or proposal that would require or encourage companies to weaken these technologies, including the weakening of encryption or creating encryption "work-arounds." We appreciate that, where appropriate, law enforcement has the legitimate need for certain information to combat crime and threats. However, mandating the weakening of encryption or encryption "work-arounds" is not the way to address this need. Doing so would compromise the security of ICT products and services, rendering them more vulnerable to attacks and would erode consumers' trust in the products and services they rely on for protecting their information.
In addition to these security and trust concerns, the U.S. policy position on encryption will send a signal to the rest of the world. Should the U.S. government require companies to weaken encryption technology, such requirements will legitimize similar efforts by foreign governments. This would threaten the global marketplace as well as deprive individuals of certain liberties.
The two organizations, notably, represent Apple and Google, which have already provoked the feds, as well as Microsoft, Facebook, Twitter and other major companies that serve huge markets and have the potential to protect the public's privacy—or damage it under the weight of government commands and threats.
Read the whole letter here.
Fantastic.
Even if Google and Apple had better encryption wouldn't the assumption be that the NSA or whomever else could still gain access?
Possibly, though more likely by exploiting an implementation issue or hacking into a powered-on phone via the network than "cracking" the encryption.
Also, you should "access" me via email.
Accessed.
"What concerns me about this is companies marketing something expressly to allow people to hold themselves beyond the law," said a man whose career is predicated on holding himself beyond the law.
Comey took down one of the greatest threats this country has ever known: Martha Stewart.
Boycott the feds.
Like it matters, the Obama admin won't even comply with court orders, let alone caring what tech companies think.
DUDE. WHAT THE FUCK, GUYS?!
Don't answer that, I've read Popehat.
Well, you're a little late to the party.
You should email me, too.
Or you could email me, instead 😉
Email everybody!
Also, Steam isn't email. Speaking of which, you might email me, too.
Pass. But thanks.
🙁
It's not you; it's me.
"It's not you; it's me."? I invented "It's not you; it's me."!
Alright! Fine! It's you!
I'd love to, but I don't have your email addys.
thick socks denver at gmail dot com. Drop me a note. We should totally party.
We're almost to the Grand Canyon, and I've got portable internet but let me tell you about Reason's mobile. Fuck Reason's mobile. I couldn't get it to accept my log in so I could properly have the feelz. I've been reading everything, so I think I'm up to speed, though.
My email address is in my handle. 🙂
Emailing you is easier, though, and I will contact you in a minute.
Omg--it's so true. Their mobile site is awful. I always switch over to desktop view; it's an option at the top of the page on the right, fyi.
Dick pics incoming.
Dick pics incoming.
I said, "email sent".
She's going to have a whole bag of dicks by lunchtime.
I shall be merciful. I'm a nice person like that.
Hey, I'm doing you a favor.
email sent.
Oh, I see now.... Are any of those posters regulars on H&R? I don't think I recognize any of them.
Anyway, this sounds extremely weak.
Two were for sure.
I demothballed my blog for discussion (anyone who cares). I have some points on the users in question and thoughts on the whole thing.
http://thewidenet.blogspot.com.....e-for.html
Ok, I see. Thanks, Paul.
The upside of the whole debacle is, federal prosecutors are sure to come across SugarFree's blog any day now (if they haven't already), and their unprepared minds will disintegrate like an ice cube dropped into the sun.
Sounds like a true threat to me
"If you like your private information, you can keep your private information."
Security is security. If you want your stuff to be secure against the black hats, it's going to be secure against the government, too.
And backdoors are backdoors. A backdoor the government can use is a backdoor the black hats can use.
For the fedgov, which just barfed up millions of employee files to hackers, to lecture the rest of us about how we don't need good security, is beyond laughable.
^This. If the government gets its very own backdoor to everything, we might as well send our credit card info and pins directly to the Chinese government. It would save time.
It just boggles my mind that certain members of the government can't wrap their minds around the fact that people want privacy from their government (and everyone else) on principle. How difficult is that to understand? Pretty fucking difficult, I guess.
If you aren't doing anything wrong, why do you need privacy?
/every authoritarian ever
Yeah...we've seen, up close, their definition of "wrong".
Where do I apply to be the Bad Thoughts Inspector?
But if the people have privacy from the government, who will protect us? How will they even know when we need protected without reading our email?
Sounds like you want anarchy, mister. Just go live in Somalia!
Mx. Hyp. Mx.
Because they only know one principle: Might makes right.
And they've got might on their side.
"And they've got might on their side."
Don't underestimate laziness and ignorance - on your side.
Quick reminder for everybody that mtrueman is a 9/11 Truther. Lest you ever consider taking anything he says - particularly an attack on your intelligence or education - seriously.
"Quick reminder for everybody that mtrueman is a 9/11 Truther"
For a laugh, you may want to ask PM how a building in cascading collapse (think dominoes) can do so at free fall speed. He won't have an answer of course, but he's certain to take offence at your daring to question the government's ridiculous narrative.
% Take all steps necessary to prevent terrorism even if civil liberties violated
% Take steps necessary to prevent terrorism but not violate civil liberties
Oh Gallup, where are my '% Take no steps to prevent terrorism and don't violate civil liberties' and the '% Fuck you, cut spending' options?
Seems like the margin is better than 2-1 *with plenty of downward pressure*.
But not hands off our IP, credit or banking information, or any other identifying information or associated devices connected to the user?
No, and they also want all woodchippers to come equipped with an electronic lock that only allows us to use them after the operator files a required Form 1383-J (License to Dispose, Organic Judicial Material).
And so the Cyberwar begins...
"It is a period of Cyberwar.
Rebel programmers, striking
from a hidden basement, have won
their first victory against
the evil NSA.
During the battle, rebel
cryptologists managed to block data access
of the Executive Branch's
ultimate weapon, Prism,
a data interceptor with enough power to
monitor an entire planet.
Pursued by the Government's
sinister agents, Princess
HOPE types rapidly on her keyboard,
custodian of the
encryption technology that can save
her people and restore
freedom to the galaxy...."
May the odds be ever in our favor.
Just in case, I'm investing in a bunch of these....
http://www.birdsnow.com/homingpigeon.htm
Pigeons could make you the next Paul Reuters.
Jumpin' Josephat!
Implementing RFC 2549? Excellent idea!
May the Chipper be with you.
WELL, perhaps if you shitbags hadn't completely undermined the 4th Amendment...
You know who else is undermining the 4th amendment?
Just as you, your labor, and all proceeds thereof belong to the government, so too does all information.
Forgive me for my cynicism, but considering the cozy relationship enjoyed by Big Tech and the government, and in light of the fact that every major internet company was surreptitiously participating enthusiastically in these surveillance programs up until Snowden blew the lid on the whole thing, I don't trust them one iota more than the government, and strongly suspect the "tension" between them is stage fighting.
It's hard to know for sure. The government isn't playing by the rules much anymore, so those companies may not have been so gleeful in their cooperation. What changed for them and allowed them to behave differently was the public knowledge that they were involved. I'm sure the government issued the standard threats about keeping quiet about national security matters.
And even if the tech companies were participating willingly in government surveillance, the market incentives changed once enough of their customers got pissed off about it. Private companies, unlike government entities, actually have to be responsive to pressure from those who use their services.
Private companies, unlike government entities, actually have to be responsive to pressure from those who use their services.
Or at least have the appearance of being responsive, which I suspect is more the case here. The tech companies could have refused to acquiesce to the government's demands from the get go - they understood full well that their users would have been livid had they known the extent of their cooperation, which is why they kept it hidden. But go along to get along keeps that AdSense tap open. If Google, for instance, had told the government to shove it up their ass and go explain to half of the planet's population why there was no more Gmail and YouTube, the government's position would have been a lot more untenable than Google's. They didn't have the balls to do the right thing for their customers, so they lied to them instead. Fool me once, shame on you.
One small tech company shut down rather than agree to ridiculous demands from the government (Lavabit). Another shut down some of their services preemptively as well (Silent Circle). The only people who cared were the ones who already did. Nothing came of it.
I too wish the bigger players had done that (and it may have worked), but it's not just money at stake, but jail time too, and not everyone wants to take that risk. I'm not going to give them shit for it.
I'm not so sure the government gives a shit anymore about pissing off consumers, as they'll just cloak it all in national security this and national security that. Never ever holding politicians accountable or limiting their power has a very heavy price.
"It's hard to know for sure. "
So why entrust your secrets to an outfit that you know is susceptible to government threats?
"and other major companies that serve huge markets and have the potential to protect the public's privacy"
Major companies are there to make a profit. Looking to them to protect public privacy is not a good idea. Anyone ever heard of Tox, the encrypted, decentralized voip client, alternative to Microsoft's Skype? The people who developed Tox are not a Major company, they are not a company at all. They brazenly say in their publicity that "We are here for altruistic purposes."
Major companies are there to make a profit.
That doesn't preclude them from also protecting public privacy (or more accurately, customer privacy) -- it may be the case that there is actually a great deal of profit to be made in doing so. However, many of the largest tech firms have demonstrated that they are not trustworthy in that regard.
But given your posting history, I bet you're the kind of retard who thinks linux is a shining beacon of socialism, so there's no real point in discussing it with you.
Why trust a 3rd party with your secrets, whether or not they stand to make a profit?
"I bet you're the kind of retard who thinks linux is a shining beacon of socialism"
Name your terms.
"public privacy"
Ha!
The biggest challenge for traditional tech companies is that making money from advertising is not compatible with privacy. It means that for the foreseeable future, widely available commercial services subject to US jurisdiction can't/won't give you full privacy.
In the long run though, one or more of the following will change that game.
Decent micropayment or other alternatives to advertising changes the incentives of service companies. They may choose to respond by collecting way less information/storing it in a way that requires the user's co-operation to decrypt.
Some stuff is way more sensitive than the rest. Messaging and email platforms can and will likely migrate to fully private systems in the next 5 years. That actually puts the bulk of our communications out of reach. Many smaller tech companies are already working on this stuff (TextSecure is awesome and I highly recommend it even to non-techies).
In the more extreme scenarios, some companies will do for online services what Silk Road did for drug markets: If providing privacy is outlawed, outlaws will provide privacy. How do you subpoena a site on the darknet when people talk about woodchippers?
So I'm hopeful overall: Even if the incumbents can't do the job, someone will step up to the plate. We've only had the public internet for 25-ish years. These things take time.
"outlaws will provide privacy"
I don't understand the urge to entrust your secrets to 3rd parties whether they be outlaws or respectable Major companies. P2P options like Tox which I mentioned earlier, cut out the middleman, don't expect to make money off you, don't advertise, and are available today for your downloading and installation pleasure.
And where they're a viable option I agree. Which is why I think messaging and email are going to operate on that basis within 5 years. It's the other stuff that's way trickier.
I happen to run a web service. Most of my customers would hate me if the first time they lost their password I told them there was nothing I could do since the data was encrypted with their password and thus unreadable even to the NSA.
I personally would prefer to do it that way (since we don't use their private information and it's just more risk for us to have to store it in a recoverable form), but it's not my preference that matters.
Unfortunately, as long as there's people who don't understand how to use crypto properly, there's going to be a tradeoff between usability and privacy. It sucks but that's life. Maybe my grandchildren will live in a world where computer skills get taught in kindergarten and everyone has a PGP key, but I don't.
Yes, hands off that private information so we can gather it and exploit it.