Apple Opens Fire In Encryption Battle

So far, the debate over encryption has been vague and broadly drawn. On one side, Silicon Valley, arguing that weakening encryption puts normal people's privacy and security at risk (and threatens their relationships with customers). On the other, the security services, police and governments, arguing (sometimes without much firm proof) that encryption helps terrorists and makes the loss of life more likely.

The problem has been so far that much of this talk has been hypothetical. Governments haven't actually detailed how they would like to see encryption changed to help them. So technology companies' responses have been equally hazy. This is why Apple's intervention is important. It is a specific response to a specific piece of legislation. Granted, that legislation - the Government's Investigatory Powers Bill or so-called "Snoopers' Charter" - is still vague.

The Government has publicly said that it doesn't want to weaken encryption - the Home Secretary even repeated this when she introduced the bill in Parliament. But the bill could force companies to hand over data 'in the clear' - a pre-existing power which has, as far as we know, never been demanded and certainly never tested in court.

Apple gives that notion both barrels writing that, "this bill will put law abiding citizens at risk, not the criminals, hackers and terrorists.
"The fact is to comply with the Government's proposal, the personal data of millions of law abiding citizens would be less secure."

That's not too different from the broad-stroke objections we've heard so far. But in the rest of its submission, Apple goes through specific clauses of the bill, explaining why it objects to them and, crucially, suggesting how they could be improved.

This is a new stage of the debate. So much depends on the nitty-gritty of how laws are written. After much high-minded rhetoric from both sides, Apple is actually getting stuck in.
Sky: http://bit.ly/1Z1U2jg

 

« NSA Helped UK Spies Find Juniper's Security Holes
Islamic State Aims to Launch Cyberattacks on US »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

CGI Group

CGI Group

CGI is a leading IT and business process services provider. Services include IT consulting, Systems Integration, Application Development, Infrastructure, Business Processes, Digital IP.

KFSensor

KFSensor

KFSensor is an advanced 'honeypot' intrusion and insider threat detection system for Windows networks.

Computer Forensic Services

Computer Forensic Services

Computer Forensic Services are digital evidence specialists. Practice areas include Information Security, e-Discovery, Law Enforcement Support and Litigation.

Indusface

Indusface

Indusface offers best website security, web application firewall and SSL certificate to keep your online business much safer.

InstaSafe Technologies

InstaSafe Technologies

InstaSafe®, a Software Defined Perimeter based (SDP) one-stop Secure Access Solution for On-Premise and Cloud Applications.

Excelerate Systems

Excelerate Systems

Excelerate Systems is a leading provider of IT services with a focus on Big Data, Cloud Services and Security.

ubirch

ubirch

The ubirch platform is designed to ensure that IoT data is trustworthy and secure.

SevenShift

SevenShift

SevenShift is a security consulting firm with a wealth of experience in the worlds of Cybersecurity and Internet of Things (IoT).

Elitecyber Group

Elitecyber Group

Elitecyber group is a team of Cyber Security recruitment experts who work for Cyber Security and Cyber Defence clients and candidates throughout Europe.

Worldline

Worldline

Worldline IIoT solutions allow industrial companies to start their digital transformation journey with industrial level cyber security standards (IEC 62443 ready).

InferSight

InferSight

InferSight can help you design an architecture that takes into account security, performance, availability, functionality, resiliency and future capacity to avoid technological lock in and limitations

Nucleon Security

Nucleon Security

Nucleon Endpoint Detection and Response EDR is the most effective way to protect the value created by your organization against any threat.

Center for Information Technology Policy (CITP) - Princeton University

Center for Information Technology Policy (CITP) - Princeton University

The Center for Information Technology Policy at Princeton University is a nexus of expertise in technology, engineering, public policy, and the social sciences.

Trusted Technologies and Solutions (TTS)

Trusted Technologies and Solutions (TTS)

TTS is a security consulting company specialised on business continuity and crisis management, information security management, information risk management and identity and access management.

Profian

Profian

Profian’s hardware-based solutions maintain your data's confidentiality and integrity in use, providing true confidential computing to meet regulatory and audit requirements.

Nagomi Security

Nagomi Security

Nagomi is changing the way security teams balance risk and defense, empowering customers to focus on what matters now.