White House Backs Off Encryption

Uploaded on 2015-10-15 in GOVERNMENT-Law Enforcement, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In a victory for tech firms, the Obama administration will not force firms to breach the security of their products in order to provide information to law enforcement. The decision comes after a year after encryption introduced on iPhones and some Android phones sparked a debate between law enforcement and tech companies over access to phone data. With iOS 8, most data stored on the phone and communications over services like iMessage were encrypted in a way that only users could access it — not even Apple could.

FBI director James Comey then sounded the alarm that phone encryption would prevent law enforcement from accessing crucial information, warning “going dark” would derail crucial investigations. However technologists argued creating a so-called “back door” for law enforcement would create a security vulnerability that could be exploited by hackers and spies.

Comey signaled the administration was backing down in a Congressional hearing this week when he said the White House would not seek legislation to require companies to provide so-called “back doors” for law enforcement officials to access encrypted data. But on Saturday the New York Times reported the White House’s position goes even further. The White House will continue to require tech companies to cooperate with law enforcement, but the administration will not require them to exploit the security of their own products.

Intelligence agencies and law enforcement will now be reliant on work-arounds for encryption. They can seek data backed up to the cloud or unencrypted forms of communication through service providers, such as records of phone calls. They can also attempt to compel phone owners to turn over their passcodes.

The White House’s position represents a victory for privacy advocates in the wake of the disclosures of government contractor Edward Snowden about the surveillance practices of the National Security Agency. But the decision will likely draw anger from intelligence agencies as well as some lawmakers. Recently, Senate Judiciary Committee Chairman Chuck Grassley wrote a letter to the White House criticizing it for not taking a strong stance on encryption.

Still the New York Times report says tech firms do not think the administration has done enough. They are calling for the White House to release a clear statement it can bring to China and Europe, where government officials are threatening to ban encrypted devices or require companies to provide back door access.
Techcrunch: http://tcrn.ch/1PjwHno

 

« What is 'safe harbour' the EU Declared Invalid?
UK Crime Rate Soars as CyberCrime Included »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Trustwave

Trustwave

Trustwave is a leader in managed detection and response (MDR), managed security services (MSS), consulting and professional services, database security, and email security.

SentinelOne

SentinelOne

SentinelOne is a pioneer in delivering autonomous security for the endpoint, datacenter and cloud environments to help organizations secure their assets with speed and simplicity.

Managed Security Solutions (MSS)

Managed Security Solutions (MSS)

MSS deliver consultancy services and managed security services for IT departments who may lack the time, resources, or expertise themselves.

The Open Group

The Open Group

The Open Group: Leading the development of open, vendor-neutral IT standards and certifications.

Grupo CFI

Grupo CFI

Grupo CFI is the largest Spanish network of data protection and cybersecurity professionals.

Taoglas

Taoglas

Taoglas Next Gen IoT Edge software provides a pay as you go platform for customers to connect, manage and maintain their edge devices in an efficient and secure way.

Jerusalem Venture Partners (JVP)

Jerusalem Venture Partners (JVP)

JVP’s Center of Excellence in Be’er Sheva aims to identify, nurture and build the next wave of cyber security and big data companies to emerge out of Israel.

Rizikon Assurance

Rizikon Assurance

Rizikon Assurance is an Online System that improves Third-Party Assurance and Risk Management, through efficiency, automation and better visibility.

Secmation

Secmation

Secmation are an agile engineering services firm providing advanced DoD level security design and consultation services for both commercial and defense hardware and software applications.

Axitea

Axitea

Axitea designs, implements and develops the solutions best suited to its customers’ needs and their physical and cyber security requirements.

TransUnion

TransUnion

TransUnion is a global information and insights company that makes it possible for businesses and consumers to transact with confidence.

Marcum Technology

Marcum Technology

Marcum Technology consultants are focused on helping you reach your company’s full potential by exploring creative ways to integrate tomorrow’s technology into your business today.

Numen Cyber Technology

Numen Cyber Technology

Numen Cyber Technology is committed to becoming a Threat Discovery and Response expert for corporate customers.

TheHive Project

TheHive Project

TheHive Project is a Scalable, Open Source and Free Security Incident Response Platform for SOC, CSIRT and CERT teams.

ConductorOne

ConductorOne

ConductorOne is building the identity security platform for the modern workforce.

Invictus International Consulting

Invictus International Consulting

Invictus International Consulting are a recognized leader in full-spectrum cyber technology solutions designed to protect the security of our nation's global defense and critical infrastructure.