Monday, October 20, 2014

FBI wants Congress to mandate backdoors in tech devices to facilitate surveillance

In response to announcements by Apple and Google that they would make the data customers store on their smartphones and computers more secure and safer from hacking by law enforcement, spies, and identity thieves, FBI director James Comey is asking Congress to order tech companies to build their devices with “backdoors,” making them more accessible to law enforcement agencies.Privacy advocates predict that few in Congress will support Comey’s quest for greater surveillance powers.

In response to announcements by Apple and Google that they would make the data customers store on their smartphones and computers more secure and safer from hacking by law enforcement, spies, and identity thieves, FBI director James Comey is asking Congress to order tech companies to build their devices with “backdoors,” making them more accessible to law enforcement agencies. Speaking at the Brookings Institution last Thursday, Comey said that police need new legislation to help them apprehend criminals who use encryption to hide incriminating evidence. “The FBI has a sworn duty to keep every American safe from crime and terrorism, and technology has become the tool of choice for some very dangerous people,” Comey said. “Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public-safety problem.”

The 1994 Communications Assistance for Law Enforcement Act (CALEA) forces telephone companies to build surveillance technologies into their networks to allow law enforcement to install wiretaps. The law has not been updated and it does not apply to new technology including online forms of communication.

Privacy advocates predict that few in Congress will support Comey’s quest for greater surveillance powers. “I’d be surprised if more than a handful of members would support the idea of backdooring Americans’ personal property,” Senator Ron Wyden (D- Oregon) said.

Comey urged Congress to update CALEA to “create a level playing field” so new tech companies would have to provide police the same access to information that telephone providers like AT&T do. Comey’s proposal is already facing resistance from the tech industry, as many industry analysts point out that any backdoor for law enforcement could be exploited by hackers. Additionally, such a mandate would make American tech companies less competitive globally. “Who in Europe is going to buy these newly compromised cell phones if Congress insists that they be made with backdoors for U.S. law enforcement?” asked Greg Nojeim, a senior counsel with the Center for Democracy and Technology. “It’s probably one of the worst job killers a member of Congress could propose.”

Ed Black, president of the Computer & Communications Industry Association, a group that represents top tech companies including Facebook and Google, said customers believe improving data security is a core function of technology companies, adding that the new encryptions are not marketing gimmicks. “It’s not like a new color on (the customer’s) phone,” he said. “It’s something that they think is essential to protecting their freedom, their lives, and their privacy.”

Comey said in his speech last Thursday that he understands the reasons for securing customer data, “but we have to find a way to help these companies understand what we need, why we need it, and how they can help, while still protecting privacy rights and providing network security and innovation. We need our private-sector partners to take a step back, to pause, and to consider changing course.”

In June, the House voted 293-123 to slash funds for National Security Agency projects that build vulnerabilities into security products, a sign that Congress is far from passing new legislation that makes U.S. tech products more vulnerable to hacking.