The modern world is full to the brim with hackers, government surveillance programs, and cyber attacks, all of which target the devices of people who are both innocent and guilty of crimes. As National Security Agency leaker Edward Snowden has said, the only method of protection against these common threats is encryption. However, U.S. Secretary of Homeland Security Jeh Johnson doesn’t think it’s such a good idea.
“The current course we are on toward deeper and deeper encryption presents real challenges for law enforcement and national security.”
During the RSA security conference in San Francisco, Johnson gave a speech about encryption, and the government’s efforts to work with Silicon Valley to make Americans feel more secure on the Web. He also expressed the federal government’s growing concern over the trend towards default encryption settings on mobile operating systems from Apple and Google. Both iOS and Android come with much higher-level encryption than ever before, a move that was in part forced by public demand after Snowden’s revelations on the NSA’s programs aired.
“The current course we are on, toward deeper and deeper encryption in response to the demands of the marketplace, is one that presents real challenges for those in law enforcement and national security,” Johnson stated.
He continued with the same argument other government officials, including President Barack Obama, have used to encourage companies to lessen encryption: that the government’s “inability to access encrypted information poses public safety challenges.” If the government can’t look at information on a suspected terrorist’s phone for example, the authorities cannot prevent potential national security threats. If authorities cannot track criminals’ devices, they can’t bust drug rings or other serious criminal operations, Johnson argued. His conclusion was that the government needed to be on the cutting edge of technology in order to best protect Americans.
“Let me be clear: I understand the importance of what encryption brings to privacy,” Johnson admitted. “But, imagine the problems if, well after the advent of the telephone, the warrant authority of the government to investigate crime had extended only to the U.S. mail.”
“Cybersecurity must be a partnership between government and the private sector.”
“We in government know that a solution to this dilemma must take full account of the privacy rights and expectations of the American public, the state of the technology, and the cybersecurity of American businesses,” he continued. “Homeland security itself is a balance — a balance between the basic, physical security of the American people and the liberties and freedoms we cherish as Americans.”
Johnson called upon Silicon Valley experts for help in achieving this balance without resorting to a system that makes “everybody suspicious of each other,” which is essentially what the NSA’s programs have achieved.
He also announced the government’s new initiative to recruit Silicon Valley security researchers to work for the Department of Homeland Security. Johnson went so far as to imply that it is the security researchers’ civic duty to help the government with cyber security. “I hope some of you listening will consider a tour of service for your country,” he said.
“Cybersecurity must be a partnership between government and the private sector,” Johnson concluded. “We need each other, and we must work together. There are things government can do for you, and there are things we need you to do for us.”
The department will even open up a satellite office in Silicon Valley, “to strengthen critical relationships in Silicon Valley and ensure that the government and the private sector benefit from each other’s research and development.”
Although Johnson seemed to indicate that the best way to find the middle ground and perhaps even curb the scope of mass surveillance programs would be if Silicon Valley worked with the government and not against it, he did not say anything about ending the programs that have created the divide between the two. Indeed, it seems unlikely that the government would voluntarily leave the NSA’s programs behind, especially given Johnson’s remarks about the so-called dangers of encryption.
- The South Korean smart home hack is the stuff of nightmares
- Frustrated security researcher discloses Windows zero-day bug, blames Microsoft
- A flaw in MediaTek audio chips could have exposed Android users’ conversations
- Are you using one of these passwords? If so, it’s time for a change
- Robinhood reports data breach affecting 7 million customers