Some 140 tech companies led by Apple and Google are urging President Barack Obama to oppose any policies that would weaken data security in smartphones and other devices so that law enforcement agencies could gain access through ‘backdoors’ in the event the data is encrypted.
In a six-page letter being sent to Obama on May 19, the tech companies and a contingent of security and privacy experts argue that by potentially opening up such code to potential law enforcement access through backdoors, it will also open code to other attackers who could gain access to the data. The letter was obtained ahead of time by The Washington Post.
“We urge you to reject any proposal that U.S. companies deliberately weaken the security of their products,” the letter states. “We request that the White House instead focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology. Such policies will in turn help to promote and protect cybersecurity, economic growth, and human rights, both here and abroad.”
The letter from the tech companies and security experts comes after some Obama administration officials have recently made comments suggesting “that American companies should refrain from providing any products that are secured by encryption, unless those companies also weaken their security in order to maintain the capability to decrypt their customers’ data at the government’s request,” the letter states. “Some officials have gone so far as to suggest that Congress should act to ban such products or mandate such capabilities.”
Law enforcement authorities argue that such steps are needed so that they can do their jobs and gain critical access to information to prevent and solve crimes and terrorism. Without such backdoor access, law enforcement officials argue that they won’t be able to access details when perpetrators are using devices that produce encrypted data.
Opponents say that thinking by government officials is wrong.
“Strong encryption is the cornerstone of the modern information economy’s security,” the letter continues. “Encryption protects billions of people every day against countless threats—be they street criminals trying to steal our phones and laptops, computer criminals trying to defraud us, corporate spies trying to obtain our companies’ most valuable trade secrets, repressive governments trying to stifle dissent, or foreign intelligence agencies trying to compromise our and our allies’ most sensitive national security secrets.”
Weakening established and effective encryption systems by building in mandatory backdoors for government access would undermine the whole data protection environment, the critics argue. “Whether you call them ‘front doors’ or ‘back doors,’ introducing intentional vulnerabilities into secure products for the government’s use will make those products less secure against other attackers.”
The new security vulnerabilities that such backdoors could create would also undermine human rights and information security around the globe because when other governments demand similar access, it will create an information environment riddled with vulnerabilities that could be exploited by even the most repressive or dangerous regimes,” the letter continues. “That’s not a future that the American people or the people of the world deserve.”
Last September, Apple and Google announced that they would encrypt all data transmitted through their customers’ devices in light of allegations made in 2013 of government snooping in Google and Yahoo data centers. Those revelations allegedly included government scanning and surveillance of personal message data, which set off a firestorm of protests by privacy groups, officials and the public, according to earlier eWEEK reports.
Then-U.S. Attorney General Eric Holder quickly criticized the default smartphone data encryption move by Google and Apple, arguing that access to such data was critical to law enforcement efforts and that authorities could have such access while maintaining personal privacy for the general public. Holder and other law enforcement officials said that default encryption, without user intervention, will essentially block police and other first responders from accessing critical information that would have been previously accessible if suspects had not manually changed settings to encrypt their communications.
James Comey, the director of the FBI, has also criticized the encryption moves.
Previously, smartphones didn’t automatically encrypt user data unless users took that step on their own. New phones will have encryption turned on when they are manufactured.