Encryption

What's Clear in the Encryption Debate Is That Some Politicians Don't Want to Listen

Officials don't seem to care if you're more vulnerable to criminals if it helps their pet causes.

|

Should homeowners be provided to give a copy of their keys to police in case they "need" access to their houses to fight crime?
Electronic Frontier Foundation

A couple of stories popped up in the news this week over the political fight for government "back door" encryption-bypassing tools that would allow officials access to users' private data in the name of fighting crime and terrorism.

First, on the national stage, surveillance-loving senators (as long as they're not the target) on the Intelligence Committee like Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) don't even want to debate either the ethics or the security risks of mandating encryption back doors. They want access now, now, now! From The Hill:

Senate Intelligence Committee leaders want to move swiftly on encryption legislation and bypass a proposed national commission to study the topic first.

"I don't think a commission is necessarily the right thing when you know what the problem is. And we know what the problem is," Chairman Richard Burr (R-N.C.) said.

Burr is working on a bill with his committee's ranking member, Sen. Dianne Feinstein (D-Calif.), that would guarantee law enforcement access to encrypted data.

But Sen. Mark Warner (D-Va.) and House Homeland Security Committee Chairman Michael McCaul (R-Texas) are pushing their own competing proposal that would establish a national commission to investigate the issue before crafting legislation.

"What we're trying to do is get that collaboration started," Warner told reporters on Tuesday. "Let's get the experts in the room."

Who needs to talk? Our betters in the Senate "know what the problem is." Of course, everybody who understands encryption knows what the problem is with Burr and Feinstein's proposed solution: There is absolutely no way to guarantee that a back door bypass that can only be used by government officials and cannot be kicked open by hackers—either independent or foreign government-sponsored. (And of course, for us civil liberty types, there's the matter that the back doors could be abused by our own government for matters that have nothing to do with fighting terrorism—which is what happens which pretty much every surveillance tool we allow the government to use). Tech companies are mostly aligned against the idea of encryption back doors, with the notable exception of AT&T and its historical willingness to cooperate with authorities.

But what is the incentive for elected senators to actually listen to tech experts over the typical fearmongering over terrorism and expansion of government authority? Note that the "solution" for the concerns over potential abuses of surveillance tools is to grant tech companies protection from legal liability so that citizens can't sue. That's what happened with the Cybersecurity Act of 2015 in the recent omnibus bill. It's easy to say that Feinstein and Burr don't really understand the potential consequences of these kinds of efforts because what they're proposing is so ham-fisted and awful. But it's actually likely that they do understand the potential harms and that they don't actually care, given Congress' idea of a solution.

That Feinstein and senators have actually been targets of federal surveillance themselves has done nothing to dissuade them for this sort of push because they have concluded that their positions of power grant them unique protections that don't apply to the rest of us. And they'll likely never be punished by the electorate over such complex technical issues. If there's a major private sector cybersecurity breach as a result of forced back doors, what is the likelihood that a large segment of the public will understand it is a result of actions by Feinstein and Burr?

Meanwhile over in California, we have an example of an elected official attempting to use the lastest law-and-order magic words—"human trafficking"—to push for mandatory decryption on smart phones. Democratic Assembly Member Jim Cooper wants to order smartphone manufacturers to be capable of decrypting and providing access to their products on demand. Ars Technica got him on the phone for an explanation:

"If you're a bad guy [we] can get a search record for your bank, for your house, you can get a search warrant for just about anything," Cooper told Ars in a brief phone call on Wednesday afternoon. "For the industry to say it's privacy, it really doesn't hold any water. We're going after human traffickers and people who are doing bad and evil things. Human trafficking trumps privacy, no ifs, ands, or buts about it."

Note that at the start of 2016, a new law went into effect in California requiring authorities to get warrants to access digital records and location data from smartphones. Cooper's proposed legislation won't result in a new way to bypass that requirement. Nevertheless, tech experts tell Ars Technica that Cooper's plan has the same flaws as Feinstein and Burr's: It weakens everybody's cybersecurity and renders everybody more vulnerable to criminals with very little evidence it will actually help fight the crimes its proponents say it will.

Below, ReasonTV explains how to defy the likes of Feinstein, Burr, and Cooper and communicate anonymously online:

NEXT: Stunning Rejection of Scientific Values of Transparency and Skepticism at New England Journal of Medicine

Editor's Note: We invite comments and request that they be civil and on-topic. We do not moderate or assume any responsibility for comments, which are owned by the readers who post them. Comments do not represent the views of Reason.com or Reason Foundation. We reserve the right to delete any comment for any reason at any time. Report abuses.

  1. I don’t think a commission is necessarily the right thing when you know what the problem is.

    I demand my ignorance be codified in law!

    1. Some want a commission to study the need for your reaming before they ream you, others want to drop the pretense that there’s some chance you’re not going to get reamed – but I’m just happy to see it’s a bipartisan effort on both sides. It gives me some hope that the fierce debate between whether the reaming should be hard or the reaming should be long can be reasonably debated and a thoughtful compromise can be reached that will make both the long side and the hard side happy. Will it be long? Will it be hard? If only there were some way to have both!

    2. He’s a real dickburr.

  2. Since encryption technology is well known and can be done independently, encryption bans and mandated back doors will only leave honest people vulnerable.

    Real criminals and terrorists with IQs over 75 will develop there own encryption.

    1. Just make the act of encryption a crime. Problem solved!

    2. They don’t even need to develop their own encryption, which is risky. Free/Open Source Software already exists, so they merely need to make use of the source code and ensure there are no backdoors and remove them if so. You can’t make math stop working, and you can’t make all the Free Software that currently exists disappear.

      However, the fact that a law mandating backdoors in encryption software will never work is secondary to the simple reality that such a law is completely unethical and unconstitutional. People have a right to privacy and a right to write software that suits their needs (provides strong, backdoor-free encryption). Even if such laws would magically increase our safety, I would rather be less safe and more free. So no matter how you look at it, this encryption debate is nonsense.

      The government has no legitimate authority whatsoever to try to ban strong encryption. But that won’t stop it from attempting to do so, as usual.

    3. Considering the algorithms and the code that implements them is already in the public domain that is exactly right. This is about spying on average citizens just like the expanded NSA powers were about spying on average citizens. This has nothing to do with criminals or terrorists. This is about erecting the beams for the police state now that the concrete is poured.

  3. Has there been a single example of a seized terrorist cell phone, computer, etc. that the government was not able to access because of encryption?

    1. You don’t really think they would admit this, do you? The fact that there’s probably none would get them in very great trouble, and who would want that?

    2. I don’t know about terrorists, but there have been a handful of criminals (kiddie porn), although it didn’t stop them from getting convicted.

      There are unbreakable forms of encryption, even against well funded government agencies, but they are very often poorly implemented and thus can be effectively broken by methods other than brute force.

      1. There is no such thing as unbreakable in Government.

    3. not that they’ve admittted, though if there were some it would mitigate in their favour to make a big fuss over it. “If only we’d been able to decrypt their communications we’d have caught them in time…..”. Oh really, now?

      One thing I do recall reading… in the big Paris juhadi murder spree in all its multiple locations, officials recovered a number of mobil phones that had been used and lost/discarded/retained on the dead bodies of the perps. NOT ONE had any form if encryption, and in fact most were unlocked…. click ON, slide the arrow, the entire contents of the phone is yours. If THOSE sophisticated and practised purveyors of moslem death had open phones, is there REALLY a need for back door encryption busting here?
      And as to the San Bernardino pair, there was PLENTY f damning evidence that these two were not the harmnless lilly white proAmerica pair they were held to be by… our US Gummint. But they MISSED a number of actionable clues. Among them the FACT that the she-half of the wretched equation had given multiple non-existent addresses as places of former residence in her application for the K-1 visa that let her into this country under some colour of law. What, a native of Afghanistan walks right in, saying what she wants on the paperwork to grant her unfettered access here, and no one bothers to check? And they want OUR encryption data? Are this lot all barmy, or do they believe WE are? Because both sides of this issue cannot be sane.

  4. In a different world, a politician who said something like this would be forced to resign in disgrace:

    “Human trafficking trumps privacy, no ifs, ands, or buts about it.”

    1. “You know, in certain older civilized cultures, when men failed as entirely as you have, they would throw themselves on their swords.”

      1. It’s still funny that such a committed hard-cord prog can’t make a hero who’s NOT a libertarian at heart.

        1. hard-core either.

          PS: For the thousand and fifty-third time, an edit function would be appreciated.

    2. Trump! Trump! Trump!

      Wait, what?

    3. —Human trafficking trumps privacy, no ifs, ands, or buts about it.—

      and yet the very same person would become a quivering mass of sputters, cries, and profane bleats if the statement made was:

      —The right to life trumps privacy, no ifs, ands or buts about it.—

      Typical proggy-ism. The only rule is ‘I win’. or, put slightly differently ‘four legs good, two legs bad’.

  5. They are enraged and frightened over tech companies and individuals doing something that runs counter to their authoritrah.

  6. You libertarians and your quaint concepts of individual rights. Why do you hate children because that’s who we’re doing this for. In fact, I highly suspect you people are pro sex trafficking.

    That doesn’t work for you?

    OK then, terrorism or whatever, fuck you.

  7. Oh, be assured that the politicians *do* want to listen to you…but encryption would prevent them from doing so!

  8. Tom Cotton had a spiel on a podcast I follow, condemning Apple and other developers for not only having the temerity to refuse to give government a backdoor (or, as Cotton wants it, a FRONT door), but refusing to give themselves access to customer data.

    Apple no doubt thanks you for your unpaid endorsement, senator. Twit.

    1. And frankly, if we’re going to countenance significant cuts to American liberty in the service of protecting against highly improbable events, surely Cotton must embrace national gun registries and onerous background checks. They’re ineffective and invasive, sure, but if it prevents just one death, it must be worthwhile. Right?

  9. It’s the three monkeys of politics,see evil,hear evil,do evil in response.

  10. “If you’re a bad guy [we] can get a search record for your bank, for your house, you can get a search warrant for just about anything,” Cooper told Ars in a brief phone call on Wednesday afternoon. “For the industry to say it’s privacy, it really doesn’t hold any water. We’re going after human traffickers and people who are doing bad and evil things. Human trafficking trumps privacy, no ifs, ands, or buts about it.”

    Why is Cooper so soft on crime? He seriously supports going into bad guys’ records and looking at shit? If you know they’re bad guys why the hell are you not keeping them locked up in jail where they belong, you pro-freedom-for-criminals jackass? What does it matter what’s in their records if they’re already doing hard time for the crimes they’ve committed? It’s not like you need their records to prove they’re criminals, is it? Because then it looks like you’re using some form of circular reasoning by saying we’re only going to look at criminal’s records and we have to look at their records to know if they’re criminals. Only an idiot would say something that stupid, and you’re not an idiot are you, Mr. Cooper?

    1. Yep, the same old “We need this to find bad guys, and we’re only going to use it against bad guys” argument. And the majority of the populace falls for it.

  11. I wonder if this idiot is related to Aaron Burr? I live near Blennerhassett island on the Ohio river.The people involved in his plot..Have shot many a duck and goose form the upper end in the boat.

    1. Are you having a stroke?

  12. 6-21-3-11 4-9-1-14-14-5 6-5-9-14-19-20-5-9-14

    I like encryption.

    1. That’s the filthiest joke I’ve ever read!

      1. Probably the driest.

  13. By the way, all this proves that the government ISN’T and HAS NOT been ‘cracking’ encryption– that all they’ve mostly been accomplishing is compromising endpoints. As the endpoints are getting hardened up, they know what’s on the horizon, so they’re demanding that open access be mandated.

    1. That assumes facts not in evidence.

      For the sake of argument, let’s assume the NSA has cracked a few encryption codes. Not all of them, but maybe some of the big ones, like the ones used by China, Russia, etc.

      Do you really think anybody involved in code breaking at the NSA wants to go testify on record what encryption they’ve managed to crack and what they can’t crack? NORK troop movements are a bit more important than nailing some creep with a thing for kids.

      And there’s already a legal framework in place for dealing with the pedos. If the Feds caught someone looking at pedo porn from your IP, then they have probable cause to seize your computer, and can get a search warrant from a judge for your computer. Refuse to hand over the encryption key, and that’s a contempt of court charge.

      Most people usually comply. If you’re a pedo. then just hand it over, you’re already busted, so cop a plea. If you’re not a pedo, then hand it over to clear your name.

  14. In the end, the only comfort I take in this is Feinstein et. al. are too stupid to understand that they’re fighting a losing battle. The only question is, how many bodies will pile up while they swing about?

  15. What’s Clear in the Encryption Debate Is That Some Politicians Don’t Want to Listen

    They aren’t in the listening business. They’re in the telling business.

    1. It can’t be said any more plainly than this.

      1. I actually said that to somebody recently at work (well, more like “Right now, I’m not in the listening business. I’m in the telling business. I’m not interested in excuses. I’m interested in you doing what you are told.”)

        Yep. Mr. Warm and Fuzzy, at your service.

        1. A career in healthcare will do that to a person.

          I’m glad I’m out. 30 years teaches a man to hate.

  16. Apparently these senators think there is a ‘source’ for encryption that is controllable, or only corporations can ‘do’ encryption, or…something.

    They can cripple the overseas reputation of American IT entities into equivalence with Chinese counterparts, but little against those determined to scramble their comm.

    1. It may help them to catch the stupid criminals, but the stupid criminals are going to get caught anyway. Another case of a solution looking for a problem.

      Typical B.S. No matter what the question, the answer is ‘more’.

      …More power, more money, more control…

  17. How did anything get investigated (crime or intelligence) before phones (land and cell)?

  18. Officials don’t seem to care if you’re more vulnerable to criminals if it helps their pet causes.

    I thought we already learned that from the gun control debate. I still don’t understand why the pro-crypto folks don’t try to frame the debate in terms of gun rights when trying to convince the right. “Sure, terrorists can use it. Terrorists can also shoot up a Christmas party with guns, but would you let the government leave you defenseless against criminals on that account? Then why let it leave you defenseless against cybercriminals for the same reason?”

    1. Interesting approach.Interesting and sad re the validity of it.

    2. To be honest, I’m starting to think that ‘being more vulnerable to criminals’ is a feature, not a bug.

      If the average person is more vulnerable, he is going to want help. So, where is he going to go looking for help? The same fuckwads who caused the problem in the first place. So, they are going to demand even more money and power and control to ‘fix’ the problem they caused.

      I’m feeling especially cynical today.

  19. The headlines read: What’s Clear in the Encryption Debate Is That Some Politicians Don’t Want to Listen
    Officials don’t seem to care if you’re more vulnerable to criminals if it helps their pet causes.

    Is there supposedly something new re the above? Do I sound overly bitter or suspicious?

  20. Brilliant! And while we’re at it, let’s mandate that everyone leave a key to their house under the welcome mat for “law enforcement”. What could possibly go wrong?

  21. If Mrs. Diane “Mr. and Mrs. America, turn em all (guns, that is) in” Feinstein wants a bill passed, we KNOW to oppose it. She’s a very reliable and predicable entity. If she wants it, its bad for US.

  22. potato

Please to post comments

Comments are closed.