Congress Talks Encryption

C. Andrew Konia, Clare Lewis, Patrick Wallace
McGuireWoods LLP
Contact
LinkedIn
Facebook
X
Send
Embed

washington-dcThe Information Technology Subcommittee of the Committee on Government Oversight and Reform of the US of House of Representatives last Wednesday held a hearing on encryption technology and potential US policy responses. The subcommittee heard testimony from representatives of the IT sector, members of the criminal justice and law enforcement community, and a computer science professor. Discussion focused on how law enforcement and the criminal justice system could deal with encrypted communications.

Encryption is used to obfuscate data so that it is only readable by those who possess the proper information to decode it. With companies stepping up security efforts in response to market demands in the post-Snowden era, some every day applications now feature rather sophisticated encryption schemes. This conveys a tremendous benefit to consumers looking to protect their data and communications, but could also provide a safe haven to criminals and terrorists.

The primary policy question is how to properly balance individual privacy rights with the law enforcement’s intelligence gathering needs. Some in the law enforcement community have floated the idea of building what are known as “backdoors” into systems to allow law enforcement to defeat encryption. Backdoors are security holes intentionally built into systems that allow those who are aware of them to bypass security measures.

As some of the witnesses and subcommittee members pointed out, this proposition is dubious.  From a technological standpoint, it’s virtually impossible to build a backdoor that only the “good guys” can use. Mandated security backdoors could be a boon to the already-thriving underground market for exploiting security weaknesses. There’s also reason to believe that this requirement would put US-based companies at a disadvantage compared to foreign competitors that would not be required to build systems with inherent weaknesses. It would also require users of US-developed applications to question whether their data were actually protected by encryption.

Law enforcement has made a compelling case for how encryption has created difficulties for many of their legitimate activities. After Wednesday’s hearing, which many would consider a strong repudiation of the mandated backdoor concept, it will be interesting to see what solutions, if any, are presented in the future. Companies should closely monitor this debate as it could directly impact the security of communications systems they depend on to carry confidential or privileged information.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© McGuireWoods LLP | Attorney Advertising

Written by:

McGuireWoods LLP
McGuireWoods LLP
Contact
more
less

McGuireWoods LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide