White House Backs Off Encryption

Uploaded on 2015-10-15 in GOVERNMENT-Law Enforcement, GOVERNMENT-National, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

In a victory for tech firms, the Obama administration will not force firms to breach the security of their products in order to provide information to law enforcement. The decision comes after a year after encryption introduced on iPhones and some Android phones sparked a debate between law enforcement and tech companies over access to phone data. With iOS 8, most data stored on the phone and communications over services like iMessage were encrypted in a way that only users could access it — not even Apple could.

FBI director James Comey then sounded the alarm that phone encryption would prevent law enforcement from accessing crucial information, warning “going dark” would derail crucial investigations. However technologists argued creating a so-called “back door” for law enforcement would create a security vulnerability that could be exploited by hackers and spies.

Comey signaled the administration was backing down in a Congressional hearing this week when he said the White House would not seek legislation to require companies to provide so-called “back doors” for law enforcement officials to access encrypted data. But on Saturday the New York Times reported the White House’s position goes even further. The White House will continue to require tech companies to cooperate with law enforcement, but the administration will not require them to exploit the security of their own products.

Intelligence agencies and law enforcement will now be reliant on work-arounds for encryption. They can seek data backed up to the cloud or unencrypted forms of communication through service providers, such as records of phone calls. They can also attempt to compel phone owners to turn over their passcodes.

The White House’s position represents a victory for privacy advocates in the wake of the disclosures of government contractor Edward Snowden about the surveillance practices of the National Security Agency. But the decision will likely draw anger from intelligence agencies as well as some lawmakers. Recently, Senate Judiciary Committee Chairman Chuck Grassley wrote a letter to the White House criticizing it for not taking a strong stance on encryption.

Still the New York Times report says tech firms do not think the administration has done enough. They are calling for the White House to release a clear statement it can bring to China and Europe, where government officials are threatening to ban encrypted devices or require companies to provide back door access.
Techcrunch: http://tcrn.ch/1PjwHno

 

« What is 'safe harbour' the EU Declared Invalid?
UK Crime Rate Soars as CyberCrime Included »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Advent IM

Advent IM

Advent IM is one of the UK’s leading independent cyber security specialists, with a unique approach to providing holistic security management solutions.

World Privacy Forum (WPF)

World Privacy Forum (WPF)

The World Privacy Forum is a non-profit public interest research group that focuses on privacy and technology issues.

International Association for Cryptologic Research (IACR)

International Association for Cryptologic Research (IACR)

(IACR is a non-profit scientific organization whose purpose is to further research in cryptology and related fields.

ACI Worldwide

ACI Worldwide

ACI Worldwide powers electronic payments for more than 5,000 organizations around the world.

Ericsson

Ericsson

Ericsson is a leading provider of telecommunications services and network infrastructure solutions including all aspects of network security.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Naval Dome

Naval Dome

Naval Dome provides the first maritime multilayer cyber defense solution for mission critical onboard systems.

Corvid

Corvid

Corvid is an experienced team of cyber security experts who are passionate about delivering innovative, robust and extensive defence systems to help protect businesses against cyber threats.

Veracity Industrial Networks

Veracity Industrial Networks

Veracity provides an innovative industrial network platform that improves the reliability, efficiency, and security of industrial networks and devices.

Penacity

Penacity

Penacity, LLC provides strategic consulting technology services and Information Security Services to commercial and government organizations.

Empiric

Empiric

Empiric is a multi-award winning technology and transformation recruitment agency specialising in data, digital, cloud and security.

Attack Research

Attack Research

We go far beyond standard tools and scripted tests. Find out if your network or technology can stand real-world and dedicated attackers.

doIT Solutions

doIT Solutions

doIT solutions specialize in IT security and infrastructure, security automation, data center, and cybersecurity.

Quantropi

Quantropi

Quantropi is bound to be the standard for quantum-secure data communications – forever unbreakable, no matter what.

Technivorus Technology

Technivorus Technology

Technivorus is a deep-tech firm delivering customized Cybersecurity, Digital Marketing, Web & App Development, and multifarious IT services for businesses across the globe.

Geobridge

Geobridge

Geobridge was one of the first information security solutions providers to support cryptography and payment applications for payment processors, financial institutions and retail organizations.