Backdoor Access to US Data Would do Nothing to Stop Availability of Encryption: Report
by Jack Kelly
Proposals from lawmakers to force US companies to provide government agencies with backdoors to encrypted data would put them at a competitive disadvantage, without reducing the global availability of encryption, according to a report released Thursday by Harvard University researcher Bruce Schneier. While emphasizing that the results are not a complete catalogue, but rather more of a survey, Schneier and his team conducted A Worldwide Survey of Encryption Products and found 865 devices or programs incorporating encryption originating from 56 countries, with about one-third of the products coming from the US.
Schneier, who is a fellow at the Berkman Center for Internet & Society, along with fellow researchers Kathleen Seidel and Saranya Vijayakumar, replicated a study conducted in 1999 by researchers at George Washington University. The original study attempted to catalogue non-US encryption products, and found over 800 hardware and software products from 35 countries.
US and Judiciary Committee Chairman Richard Burr (R-N.C.), with an assist from Senator Dianne Feinstein (D-Calif.), has been drafting legislation to provide backdoors to encryption with warrants. Burr also sponsored the controversial Cybersecurity Information Sharing Act, which passed through the Senate in October.
“The potential of an NSA-installed backdoor in US encryption products is rarely mentioned in the marketing material for the foreign-made encryption products,” the researchers say in the report. “This is, of course, likely to change if US policy changes.”
The researchers note that with no difference in advertised strength based on geography, “jurisdictionally agile” companies and products will simply leave a home-country that applies a competitive disadvantage. The Daily Dot notes that US encrypted communications company Silent Circle became a Swiss company in 2014 to avoid government snooping, or its marketing ramifications.
While some other countries are considering limitations on encryption, like France, Dutch parliament has taken the opposite approach, and the new research clearly indicates that it would not take very many countries avoiding backdoors to undermine the industry in the US, as well as efforts by law enforcement to potentially monitor all digital communication between people and entities.
Encryption advocates from Google to Let’s Encrypt, meanwhile, continue to encourage businesses and consumers alike to use encryption more consistently. The US House of Representatives voted to reign in unwarranted surveillance backdoors in June 2014.
Recommended Posts
‘Dirty Cow’ Linux vulnerability found after nine years
October 21, 2016
Linode Forces Password Resets After Unauthorized Access Detected
January 7, 2016