Why Are We Fighting the Crypto Wars Again?
“You cannot take an absolutist view on this,” Obama said at the South by Southwest festival in Austin, Texas. “If your argument is strong encryption no matter what, and we can and should create black boxes, that I think does not strike the kind of balance we have lived with for 200, 300 years, and it’s fetishizing our phones above every other value.”
[…]
“I suspect the answer is going to come down to, how do we create a system that, encryption is as strong as possible, the key is secure as possible, and it is accessible by the smallest number of people possible for the subset of issues that we agree is important,” he said.
Obama went on to call on software engineers and technology companies to help the government solve the problem, and he said a thorough, well-formed encryption solution should be established before it’s desperately needed. He cautioned against the tech community disengaging or taking a position that “is not sustainable for the general public as a whole over time,” as it could lead to a stalemate that will ultimately lead to “sloppy” legislation should the political climate change after something “really bad happens.”
Our phones are either insecure, making life easier for law enforcement — or, our phones are secure, making life more difficult for law enforcement, rendering some potential evidence unobtainable.
In many ways, I desperately want tech companies to try to work with lawmakers on this issue, because it’s become very clear that they have no idea what they’re talking about and it’s likely that they will codify regulations that are technically unfeasible now and destructive in the future.
Thus began the Crypto Wars. The government warned that unrestrained crypto would empower “bad guys” (terrorists, drug lords, kiddie porn purveyors). Business interests and privacy advocates argued that the only ones hurt would be citizens seeking to protect their information. (Disclosure boast: I wrote the book on this, and it’s still in print!)
[…]
For most of the ’90s, the government’s “compromise” on this issue — or its (pipe) dream — was that you could concoct a system where everything was locked down tight, but some carefully designed kink in the process would let the Feds get the information if they really wanted it. […] It was an unwieldy and impractical idea — especially since people who wanted security had options to buy stuff without Clipper Chips — and its demise helped lead the government to the conclusion that people highly motivated to protect their information were going to use crypto anyway. In theory at least, intelligence and law enforcement agreed to accept the fact that crypto was here to stay, and if they wanted to gain access to encrypted communications and files, they would do so by warrants and their own cryptanalysis, and not by demanding that the systems themselves should be weakened.
Previously: FBI Asks Apple for Secure Golden Key.
1 Comment RSS · Twitter
If I recall correctly, only a few short years ago encryption software was considered by the American government as military technology and was illegal to “export”. Somehow, wisdom eventually prevailed, and those restrictions were relaxed. Is there federal regret now?