Snowden Intervenes In The Encryption Debate

Uploaded on 2016-05-02 in NEWS-News Analysis, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

NSA whistleblower and privacy advocate Edward Snowden took part in his first public debate on encryption recently, facing off against CNN’s Fareed Zakaria, a journalist and author known for his coverage of international affairs.

Zakaria, in New York, defended the government’s right to access any and all encrypted messages and devices as long as there’s court approval. Snowden, speaking from safety over a live video-link from Moscow, argued the security of the Internet is more important than the convenience of law enforcement. The debate was organised by NYU’s Wagner School of Public Service and the Century Foundation.

Though Zakaria started off firm in his conviction that law enforcement should be able to get hold of all digital messages with court approval, he gradually conceded that it may not be that simple. Zakaria said he himself doesn’t actively encrypt any of his communications, assuming everything will be fine — though Snowden pointed out that, since he has an iPhone, some of his data and communications are encrypted by default.

Zakaria opened the debate by posing a hypothetical: Bank of America creates an “iVault” allowing anyone to store all their financial data totally encrypted. An embezzler could take advantage of that service to hide the evidence of their misdeeds, foiling investigators. “I understand within a democracy, you have to sacrifice liberty for democracy at some point. You cannot have an absolute zone of privacy,” he said.

Snowden agreed with Zakaria that absolute zones of privacy don’t exist, and that encryption does pose real problems for law enforcement. But he disagreed that universal access is the best way to solve the problem. “For the government to unlock everything there has to be a key to everything. Every other person in the world can find that key and use it too,” he said. “It’s a fundamental problem of science.”

Instead, he suggested, police should take advantage of the many other options available to them. He cited the investigation into the founder of Silk Road, an anonymous, encrypted platform for black market drug sales. In that case, a team of investigators caught the mastermind at the library after he typed in his password.

“Encryption is not an unbreakable wall,” Snowden said. “Or if it is, it is one we can get around, if we are patient, if we are careful, if we think and plan how to go about our investigations.”

By the end of the debate, Zakaria said he did not support the legislation proposed by Senators Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., which would mandate companies to immediately decrypt all communications when asked by a court. The bill has been heavily criticised by technologists.

And Zakaria acknowledged that if it was genuinely impossible for a company to decrypt communications, then the court should accept that, though it would be a “hard case.”

“If WhatsApp says we literally do not know how to write this code, WhatsApp could demonstrate to a court that they don’t have to do it,” Zakaria said.

He concluded by encouraging greater clarity about what kind of communications the government can and cannot access, before the next disastrous terrorist attack. “We do face real threats out there. There are people out there trying to do bad things. Once they happen, the government will be given carte blanche,” he said.

Snowden noted that former security officials now proclaiming the value of unbreakable encryption, including former NSA director Michael Hayden, had considered those questions carefully and had fallen on the side of computer security.
The Intercept: http://bit.ly/1SqWg

« Bangladesh Bank Hackers Compromised SWIFT
Driverless Trucks Are On The Way. »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

rPeople Staffing

rPeople Staffing

rPeople provides direct placement in all areas of your organization, including and specializing in Technical and Executive hiring.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

Abusix

Abusix

Abusix specializes in Internet security, network abuse handling, antispam and fraud prevention.

_cyel

_cyel

_cyel is introducing a new cybersecurity strategy: not a new generation of patches and firewalls, but moving target security – we take away the targets. Without replacing your existing system.

GreyCortex

GreyCortex

GreyCortex uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

DestructData

DestructData

DestructData is a leading independent provider of End of Life data destruction/security solutions.

Evanston Technology Partners (ETP)

Evanston Technology Partners (ETP)

ETP provides services and solutions to enable and transform businesses in the areas of cybersecurity, data protection, and efficient operations practices.

Wynyard Group

Wynyard Group

Wynyard Group is a niche, technology-driven company specializing in Integrated Border Security solutions for enhanced public safety.

Fingent

Fingent

Fingent develops strategic software solutions for businesses across the globe in areas including Network Security, Infrastructure Security, Application Security, Risk and Compliance.

Cyber Resilience

Cyber Resilience

Cyber Resilience offer an intensive program designed to help you create strategies to quickly become cyber resilient and to manage cyber risks in a measurable and predictable way.

Innosphere Ventures

Innosphere Ventures

Innosphere Ventures is Colorado’s leading science and technology incubator, accelerating the success of high-impact startup and scaleup companies.

Coviant Software

Coviant Software

Coviant Software delivers secure managed file transfer (MFT) software that integrates smoothly and easily with business processes.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Persistent Systems

Persistent Systems

Persistent Systems are a trusted Digital Engineering and Enterprise Modernization partner, combining deep technical expertise and industry experience to help our clients.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

DigitalPlatforms

DigitalPlatforms

DigitalPlatforms SpA is an Italian group with the mission of providing end-to-end solutions and Internet of Things and Cyber technologies to companies that manage critical infrastructures.