- Irony of Georgia’s sperm-reporting bill flies by anti-abortion advocates Thursday 7:11 PM
- Sex scandals are consuming the K-pop industry Thursday 5:44 PM
- Trump supporters are abandoning Fox News over network’s latest hire Thursday 5:20 PM
- QAnon is attacking a random woman in a disturbing and dangerous way Thursday 4:59 PM
- Google celebrates Bach with AI-powered, music-making doodle Thursday 4:53 PM
- RIP: The best free trial in all of streaming entertainment Thursday 2:19 PM
- Which ‘Florida Man’ are you? Thursday 1:06 PM
- Hundreds of millions of Facebook passwords were accessible to employees Thursday 12:55 PM
- ‘Bitch I’m Bella Thorne’ morphs into TikTok dyslexia meme Thursday 12:17 PM
- Marvel is auctioning props and costumes from Netflix’s ‘Defenders’ franchise Thursday 12:12 PM
- Net neutrality advocates plan online watch party for the ‘Save the Internet’ Act Thursday 12:01 PM
- Tim Cook turns his iPad meme into an AirPod meme Thursday 11:46 AM
- Auschwitz Memorial asks visitors to stop taking playful photos at Holocaust site Thursday 11:33 AM
- The best Korean beauty products for $15 or less Thursday 10:50 AM
- PewDiePie’s reign as the No. 1 YouTuber seems to be over Thursday 10:43 AM
U.S. intelligence community says encryption is still a huge problem despite ‘don’t panic’ report
The report does not ‘fully account for the realities we face,’ an intelligence official said.
The office that oversees the U.S. intelligence community released a critical response Thursday to a study that called into question government warnings about the dangers of encryption.
In a letter to Sen. Ron Wyden (D-Ore.), who requested a government analysis of the Harvard University report, Deirdre Walsh, the director of legislative affairs for the Office of the Director of National Intelligence, said the study’s findings “do not fully account for the realities we face.”
The report presented evidence that a decades-long push by senior law-enforcement and intelligence officials to weaken encryption to aid criminal and terrorism investigations is misplaced. Not only is unbreakable, “end-to-end” encryption far from ubiquitous, the report’s authors wrote, but other sources of evidence, including unencrypted metadata and Internet of Things devices, are becoming increasingly common.
The findings bolstered the argument of the technology and privacy communities, which have pushed back on law-enforcement demands for guaranteed-access mechanisms in commercial encryption. Cryptographers and civil-liberties activists warn that these so-called “backdoors” will jeopardize everyday Americans’ digital security and ruin U.S. tech firms’ reputations.
But Walsh argued in her letter to Wyden that, despite the report saying end-to-end encryption was not widespread, “some of the largest providers of certain types of communications services have already implemented” it. And even if that doesn’t lead to near-universal use of unbreakable encryption, she wrote, such technology is already spreading, making investigators’ work harder and criminals’ work easier.
Harvard’s Berkman Center for Internet and Society issued the report, titled “Don’t Panic: Making Progress on the ‘Going Dark’ Debate,” on Feb. 1. Its authors include Matthew Olsen, former director of the National Counterterrorism Center; Harvard law professor Jack Goldsmith, a former senior official in President George W. Bush‘s Justice Department; and eminent cryptographer Bruce Schneier.
The title of the report referred to law enforcement’s argument that wrongdoers are “going dark” as encryption shields their activities from discovery.
When James Clapper, the Director of National Intelligence, testified before the Senate Intelligence Committee in February, Wyden asked his office to study the report’s findings.
Addressing the claim that Internet of Things data and unencrypted metadata could provide a substitute for the encrypted content of criminals’ communications, Walsh wrote, “this is simply wrong.” Metadata, she argued, only shed light on the circumstances of communications—where and when they happened, for example—and Internet of Things devices are not universally unencrypted.
“It is difficult to see how information obtained from a refrigerator, a washing machine, or a child’s toy could mitigate the impact of the loss of” communications data, Walsh wrote. She also criticized the report for overlooking the fact that many local police departments lacked the resources to tap into those smart devices.
“Even more troubling,” she wrote, “the report fails to acknowledge the different privacy implications of collecting information from these sorts of devices inside one’s own home.”
Eric Geller is a politics reporter who focuses on cybersecurity, surveillance, encryption, and privacy. A former staff writer at the Daily Dot, Geller joined Politico in June 2016, where he's focused on policymaking at the White House, the Justice Department, the State Department, and the Commerce Department.