mobile encryption

DOJ Attempts to Brand Weakened Encryption as “Responsible Encryption”

DOJ

An official with the Department of Justice took aim at encryption of consumer products by saying that encryption creates “law-free zones”. They are specifically targeting companies like Apple when talking about this. They are suggesting that companies should create and implement “responsible encryption” that allows law enforcement to access data. This sounds an awful lot like something Donald Trump would say, and not necessarily someone from the DOJ themselves.

Deputy Attorney General Rod Rosenstein gave a speech at the US Naval Academy about this topic.

“Warrant-proof encryption defeats the constitutional balance by elevating privacy above public safety. Encrypted communications that cannot be intercepted and locked devices that cannot be opened are law-free zones that permit criminals and terrorists to operate without detection by police and without accountability by judges and juries.”

Rosenstein, you may have suspected, was nominated by the President to be the DOJ’s second highest ranking official, after Attorney General Jeff Sessions. Which further backs my point earlier about who might have actually said this. Rosenstein’s speech makes several references to Apple. Last year, Apple refused to help the government unlock and decrypt a phone that was used by a gunman. The government was able to access the data without Apple’s assistance, but why is this Apple’s problem? Apple is giving people a safe way to store their data, without fear of it being leaked. This shouldn’t be such a huge fight with the government, considering how much personal data has been leaked in the last couple of months.

I am not suggesting that it was the government’s fault that the data leaked in the first place, but I am suggesting that people have the right to protect that data. Rosenstein went on to suggest that if you encrypt your information, it’s your fault if crime cannot be stopped. “If companies are permitted to create law-free zones for their customers, citizens should understand the consequences,” he also said. “When police cannot access evidence, crime cannot be solved. Criminals cannot be stopped and punished.” So it’s my fault if I don’t want people getting into my personal information? That’s quite the leap to crime and criminals, don’t you think?

mobile encryption

Later in the speech, Rosenstein acknowledges the point I was trying to make earlier, which is – encryption is an important part of data security. And yet, they still want to stop it? Although, he seems to contradict himself a little when he says that law enforcement agencies have no desire to undermine it. Maybe not, but by suggesting that Apple and other tech giants can’t create devices with encryption is undermining it, isn’t it? Rosenstein goes on to say:

“Responsible encryption is achievable. Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists. Examples include the central management of security keys and operating system updates; the scanning of content, like your e-mails, for advertising purposes; the simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop. No one calls any of those functions a “back door.” In fact, those capabilities are marketed and sought out by many users.”

The last thing that Rosenstein speaks about is the reason behind why encryption is so popular – which is, in his opinion, because of competition among tech companies. He is suggesting that the reason for encrypted phones is because each tech company wants an edge over the other. Doesn’t he understand that people are just trying to protect themselves from having their identities stolen? Or protect themselves against having their information available to the highest bidder? If we go back to the Apple case last year – I don’t believe Apple was ordered by a court to unlock the phone. I believe it was the Department of Justice, aka, “the government”, who was asking them to do it. Which means, no one broke the law. So how can you say that the problem is with the tech companies?

The bigger problem is likely with the law, but in a time where it benefits people over law enforcement. Now I’m not saying that there aren’t some pretty bad people out there, doing horrible things. But there are also people out there minding their own business, who could get caught in the crossfire if the DOJ has its way.

One thought on “DOJ Attempts to Brand Weakened Encryption as “Responsible Encryption”

Comments are closed.