Encryption & the next president
The tech industry urges the remaining presidential candidates to put cybersecurity & other tech issues on the front burner.
“Boycott Apple,” declared presumptive Republican presidential nominee Donald Trump at a rally in February, as the tech company and the FBI battled over who would crack one of the San Bernardino killers’ encrypted phones, and how.
Now, a group of tech industry organizations are calling for the candidates to look more closely at technology and cybersecurity in a “first-ever” open letter to the three people who could become the next president.
“The issues we have outlined are too important to be ignored or treated like bumper sticker slogans,” said Dean Garfield, head of the Information Technology Industry Council, one of the groups that sent the letter.
The thirteen tech organizations behind the letter say the technology sector is an important part of American’s daily lives and also the national economy, making up 7% of the country’s gross domestic product.
One of the key recommendations in the letter—strengthen cybersecurity. One part of that same recommendation—“recognize the importance of encryption as a critical security tool.”
Some experts have criticized the candidates for being ill-informed on cybersecurity.
A data risk management company called IDT911 analyzed the candidates statements and actions on cybersecurity in March and gave them letter grades. Trump and Democratic presidential candidate Hillary Clinton received C’s, and Democratic presidential candidate Bernie Sanders received a C and a D.
Whoever ends up in office may have to face the issue head-on.
“State-sponsored cyberattacks, espionage, and criminal activity have emerged as major national issues prompting the Obama Administration to take executive action on at least two occasions in recent years, and to propose a $19 billion federal cybersecurity budget for 2017,” explained Dark Reading.
The battle over encryption continues in Washington, D.C., even after the FBI found a way to access data in the San Bernardino terror shooter’s phone without Apple’s help.
Two senators are working on a controversial encryption bill, calling it a “critically important and challenging issue.” They released the official draft version of the bill, the Compliance with Court Orders Act of 2016, in April.
“The bill we have drafted would simply provide that, if a court of law issues an order to render technical assistance or provide decrypted data, the company or individual would be required to do so,” said Sen. Dianne Feinstein (D-Calif.), one of the bill’s creators. “We need strong encryption to protect personal data, but we also need to know when terrorists are plotting to kill Americans.”
“I have long believed that data is too insecure, and feel strongly that consumers have a right to seek solutions that protect their information – which involves strong encryption,” said Sen. Richard Burr (R-N.C.), who also worked on the bill. “I do not believe, however, that those solutions should be above the law.”
The White House declined to give public support for the bill, Reuters reported. In March, White House press secretary Josh Earnest said “the administration is ‘skeptical’ of lawmakers’ ability to resolve the encryption debate given their difficulty in tackling ‘simple things,’” according to Reuters.
For some, the encryption issue appears to be black and white—criminals should not be able to hide using secret communication tools. The bill would require tech companies to provide a way to decrypt encrypted information, what some call a “back door.”
But cybersecurity experts say a back door will also give criminals a way in.
“If you ask a person on the street, they’ll say, ‘Why doesn’t Apple just help the FBI?’” said Chris Wysopal with cybersecurity company Veracode in a recent interview with Archer News. “They don’t understand the downstream effects. That means every single product is less secure. Every single product will allow criminals easier access to your data.”
You rely encryption every day to keep your information safe, said Mike Janke with Silent Circle.
“Everything in our life revolves around it,” said Janke at the Collision 2016 tech conference. “Every time you hit the ATM, every time you pay a bill, every time you go on Amazon and buy anything, it’s all done through encryption.”
It’s not just security—some say it’s also about money, and requiring a back door could devastate American business.
“It means disaster for a trillion-dollar economy,” said Janke. “All you’re doing is crippling the U.S.”
American companies trying to sell their products overseas would run into roadblocks, Janke said.
“‘Hey, buy my product,’” Janke said. “‘Oh, by the way, it’s made in the U.S., so any government agency can get access to it.’ How many sales are you going to have? Zero.”
International customers—and criminals—could turn to other countries for encrypted products.
“People will be using an e-mail provider in Iceland, for instance, instead of in the U.S.,” said Wysopal. “I think it really will make American technology less competitive in the world marketplace.”
Cybersecurity on the campaign trail
Cybersecurity issues have come up during the campaign.
Trump announced his call for the Apple boycott over the encryption issue. He said Apple was in the wrong at an MSNBC town hall program in February.
“I think it’s disgraceful that Apple is not helping on that. I think security first and I feel—I always felt security first. Apple should absolutely—we should force them to do it,” he said.
Clinton also answered questions about the FBI-Apple encryption debate at an MSNBC-Telemundo town hall in February.
“I see both sides. And I think most citizens see both sides. We don’t want privacy and encryption, you know, destroyed and we want to catch and make sure there is nobody else out there whose information is on the cell phone of the killer,” Clinton said. “This is why you need people in office who can try to bring folks together to find some common ground.”
Sanders answered the encryption question by saying he is on both sides, and that it is a complicated issue.
“I am very fearful in America about ‘big brother,’” he said. “I worry about that very, very much. On the other hand, what I also worry about is the possibility of a terrorist attack against our country. And frankly I think there is a middle ground that can be reached.”
The final months
As the presidential campaign grinds through its final months, there will be more questions on—and more discussion about—cybersecurity and encryption. At least, that is the hope of the tech companies behind the “first-ever” open letter, and many on both sides of the encryption debate.
“I am hopeful that this draft will start a meaningful and inclusive debate on the role of encryption and its place within the rule of law,” said Burr when the official draft version of the encryption bill was released.
“People try to boil this argument down to, ‘If we don’t have a back door, there’ll be bombs going off,’ to,
‘If we don’t stop the government, nudie pictures of all of us will be in a database in Utah,” said Janke. “It’s not that simple.”