Snowden Intervenes In The Encryption Debate

Uploaded on 2016-05-02 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

NSA whistleblower and privacy advocate Edward Snowden took part in his first public debate on encryption recently, facing off against CNN’s Fareed Zakaria, a journalist and author known for his coverage of international affairs.

Zakaria, in New York, defended the government’s right to access any and all encrypted messages and devices as long as there’s court approval. Snowden, speaking from safety over a live video-link from Moscow, argued the security of the Internet is more important than the convenience of law enforcement. The debate was organised by NYU’s Wagner School of Public Service and the Century Foundation.

Though Zakaria started off firm in his conviction that law enforcement should be able to get hold of all digital messages with court approval, he gradually conceded that it may not be that simple. Zakaria said he himself doesn’t actively encrypt any of his communications, assuming everything will be fine — though Snowden pointed out that, since he has an iPhone, some of his data and communications are encrypted by default.

Zakaria opened the debate by posing a hypothetical: Bank of America creates an “iVault” allowing anyone to store all their financial data totally encrypted. An embezzler could take advantage of that service to hide the evidence of their misdeeds, foiling investigators. “I understand within a democracy, you have to sacrifice liberty for democracy at some point. You cannot have an absolute zone of privacy,” he said.

Snowden agreed with Zakaria that absolute zones of privacy don’t exist, and that encryption does pose real problems for law enforcement. But he disagreed that universal access is the best way to solve the problem. “For the government to unlock everything there has to be a key to everything. Every other person in the world can find that key and use it too,” he said. “It’s a fundamental problem of science.”

Instead, he suggested, police should take advantage of the many other options available to them. He cited the investigation into the founder of Silk Road, an anonymous, encrypted platform for black market drug sales. In that case, a team of investigators caught the mastermind at the library after he typed in his password.

“Encryption is not an unbreakable wall,” Snowden said. “Or if it is, it is one we can get around, if we are patient, if we are careful, if we think and plan how to go about our investigations.”

By the end of the debate, Zakaria said he did not support the legislation proposed by Senators Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., which would mandate companies to immediately decrypt all communications when asked by a court. The bill has been heavily criticised by technologists.

And Zakaria acknowledged that if it was genuinely impossible for a company to decrypt communications, then the court should accept that, though it would be a “hard case.”

“If WhatsApp says we literally do not know how to write this code, WhatsApp could demonstrate to a court that they don’t have to do it,” Zakaria said.

He concluded by encouraging greater clarity about what kind of communications the government can and cannot access, before the next disastrous terrorist attack. “We do face real threats out there. There are people out there trying to do bad things. Once they happen, the government will be given carte blanche,” he said.

Snowden noted that former security officials now proclaiming the value of unbreakable encryption, including former NSA director Michael Hayden, had considered those questions carefully and had fallen on the side of computer security.
The Intercept: http://bit.ly/1SqWg

« Bangladesh Bank Hackers Compromised SWIFT
Driverless Trucks Are On The Way. »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO Cooperative Cyber Defence Centre (CCDCOE)

NATO CCDCOE's mission is to enhance the capability, cooperation and information sharing among NATO, NATO nations and partners in cyber defence.

National Trading Standards eCrime Team (NTSeCT) - United Kingdom

National Trading Standards eCrime Team (NTSeCT) - United Kingdom

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

SISSDEN

SISSDEN

SISSDEN will improve cybersecurity through the development of increased awareness and the effective sharing of actionable threat information.

Komodo Consulting (KomodoSec)

Komodo Consulting (KomodoSec)

Komodo Consulting specializes in Penetration Testing and Red-Team Excercises, Cyber Threat Intelligence, Incident Response and Application Security.

OSIRIS Lab - NYU Tandon

OSIRIS Lab - NYU Tandon

The Offensive Security, Incident Response & Internet Security Lab (OSIRIS) is a security research environment where students analyze and understand how attackers take advantage of real systems.

Zivaro

Zivaro

Zivaro provides transformational consulting and technology services to help clients attain real business value from their technology investments.

Acuant

Acuant

Acuant is a leading global provider of identity verification, regulatory compliance (AML/KYC) and digital identity solutions.

SecureMe2

SecureMe2

SecureMe2 ‘s mission is to make organizations more responsive to digital threats by deploying smart technology in a highly accessible way.

Blockchain Reactor

Blockchain Reactor

Blockchain Reactor is a blockchain consultancy and implementation company providing cutting-edge blockchain solutions for start-ups and enterprises.

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange (CPX)

Cybersecure Policy Exchange is a new initiative dedicated to advancing effective and innovative public policy in cybersecurity and digital privacy.

Testhouse Ltd

Testhouse Ltd

Testhouse is a thought leader in the Quality Assurance, software testing and DevOps space. Founded in the year 2000 in London, UK, with a mission to contribute towards a world of high-quality software

Zokyo

Zokyo

Zokyo is a venture studio that builds, secures, and funds legendary web3/crypto businesses.

Port443

Port443

Port443 specialises in providing Security Orchestration, Automation and Remediation (SOAR) "as a service".

Nova Microsystems

Nova Microsystems

Nova's mission is to revolutionize cybersecurity through continuous data analysis and dynamic AI-driven encryption.

QualySec

QualySec

QualySec is a leading cybersecurity firm specializing in comprehensive penetration testing and risk assessment services.