The FBI can’t open “backdoors” to Americans’ cellphones to catch criminals without leaving them open to cybercriminals too, according to Oregon Democratic Sen. Ron Wyden.
In a Los Angeles Times op-ed this week discussing FBI Director James Comey’s request that Congress help the agency circumvent new Apple and Android encryption standards, Wyden argues there’s no way to guarantee that letting the FBI in will keep everybody else out. (RELATED: FBI Director: Apple, Google Acting ‘Above The Law’ By Locking Users’ Phones)
“The leaders of U.S. intelligence agencies hold a different view,” Wyden wrote. “Most prominently, James Comey, the FBI director, is lobbying Congress to require that electronics manufacturers create intentional security holes — so-called back doors — that would enable the government to access data on every American’s cellphone and computer, even if it is protected by encryption.”
“Unfortunately, there are no magic keys that can be used only by good guys for legitimate reasons,” Wyden said. “There is only strong security or weak security.”
The core of Comey’s request is for Congress to modify the 1994 Communications Assistance for Law Enforcement Act (CALEA) — which compels telephone service providers to build wiretap access into their networks — to include digital and Internet communications. (RELATED: Congress Tells FBI There’s ‘Zero Chance’ Of Giving The Bureau Backdoor Access To Americans’ Cellphones)
“The problem with this logic is that building a backdoor into every cellphone, tablet, or laptop means deliberately creating weaknesses that hackers and foreign governments can exploit,” Wyden wrote. “What these officials are proposing would be bad for personal data security and bad for business and must be opposed by Congress.”
To give the agency such access not only undermines the digital security of all Americans’ privacy and sensitive information — according to Wyden, it eliminates the incentive for companies to continuously build better security at a time when it’s needed more than ever.
“Hardly a week goes by without a new report of some massive data theft that has put financial information, trade secrets or government records into the hands of computer hackers,” Wyden wrote. “[I]f you’re building a wall with a hole in it, how much are you going invest in locks and barbed wire?”
Those same companies have suffered significant losses in profits and trust in the year and a half since leaks by National Security Agency whistleblower Edward Snowden revealed massive network breaches at companies including Yahoo and Google, and in some cases, cooperation. The cloud-storage industry alone will reportedly suffer losses in the tens of billions in coming years.
Instead, Wyden called on Congress to support greater legal protections for Americans’ data via legislation including the Secure Data Act, which the Oregon senator introduced in the upper chamber earlier this month, and “prohibits government mandates to build backdoors or security vulnerabilities into U.S. software and electronics.”
“The U.S. House of Representatives recognized how dangerous this idea was and in June approved 293-123, a bipartisan amendment that would prohibit the government from mandating that technology companies build security weaknesses into any of their products,” Wyden wrote of an amendment lawmakers quietly removed in the “CRomnibus” spending package passed last week. (RELATED: The Only NSA Reform To Pass Congress Is About To Be Removed In The Shutdown Spending Bill)
“Technology is a tool that can be put to legitimate or illegitimate use,” Wyden wrote. “And advances in technology always pose a new challenge to law enforcement agencies. But curtailing innovation on data security is no solution, and certainly won’t restore public trust in tech companies or government agencies.”
Wyden said he plans to re-introduce the legislation next year.