In a New York Times article today by Charlie Savage, news that the Obama administration is proposing new legislation that would provide the U.S. Government with direct access to all forms of digital communication, "including encrypted e-mail transmitters like BlackBerry, social networking Web sites like Facebook and software that allows direct 'peer to peer' messaging like Skype."
In other words, the U.S. Government is taking exactly the position of the UAE and the Saudis: no communications are permitted to be beyond the surveillance reach of U.S. authorities. The new law would not expand the Government's legal authority to eavesdrop -- that's unnecessary, since post-9/11 legislation has dramatically expanded those authorities -- but would require all communications, including ones over the Internet, to be built so as to enable the U.S. Government to intercept and monitor them at any time when the law permits. In other words, Internet services could legally exist only insofar as there would be no such thing as truly private communications; all must contain a "back door" to enable government officials to eavesdrop.On Twitter last night, Ryan Singel pointed out this relevant snip from a National Research Council report rejecting the idea of mandated backdoors in encryption... in 1996.
It is true that the spread of encryption technologies will add to the burden of those in government who are charged with carrying out certain law enforcement and intelligence activities. But the many benefits to society of widespread commercial and private use of cryptography outweigh the disadvantages.And the lack of backdoors doesn't seem to have put much of a damper on domestic surveillance, anyway:
Law enforcement officials have long warned that encryption technology allows criminals to hide their activities, but investigators encountered encrypted communications only one time during 2009's wiretaps. The state investigators told the court that the encryption did not prevent them from getting the plain text of the messages.
And this CNET piece by Declan McCullagh, who's been covering this beat for longer than anyone I know, is an equally essential read. Snip:
Vice President Joe Biden proposed something quite similar in the 1990s. As I wrote in an earlier article, when Biden was chairman of the Senate Judiciary Committee, Biden introduced an anti-encryption bill called the Comprehensive Counter-Terrorism Act. It said: "It is the sense of Congress that providers of electronic communications services and manufacturers of electronic communications service equipment shall ensure that communications systems permit the government to obtain the plain text contents of voice, data, and other communications when appropriately authorized by law." It was Biden's bill--and the eventual threat of encryption being outlawed--that Phil Zimmermann said at the time "led me to publish PGP electronically for free that year."
Update: ACLU reaction here. "Mandating that all communications software be accessible to the government is a huge privacy invasion."