X

Tech companies urge Obama to safeguard encryption

Industry groups representing Apple, Google and many others say they're firmly opposed to any policy that would undermine technology that helps ensure users' privacy.

Don Reisinger
CNET contributor Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.
Don Reisinger
5 min read

Apple's iMessage is one of the chief security concerns for the US government. Jason Cipriani/CNET

Two technology industry associations are worried about the US government's desires for managing data encryption -- and they want President Obama to know it.

In a letter sent to the president Monday, the Information Technology Industry Council and the Software & Information Industry Association wrote that they would find it unacceptable for the US to follow a strategy that would limit or prevent proper data security.

"We urge you not to pursue any policy or proposal that would require or encourage companies to weaken these technologies, including the weakening of encryption or creating encryption 'work-arounds,'" the organizations wrote. "We appreciate that, where appropriate, law enforcement has the legitimate need for certain information to combat crime and threats. However, mandating the weakening of encryption or encryption 'work-arounds' is not the way to address this need."

The letter addresses ongoing concerns about the balance between privacy and national security. In this case, technology companies and the US government are at odds over encryption -- the scrambling of messages so only authorized users can read them -- and its place in digital products used by consumers and businesses. Neither side seems willing to move much off its position.

US law enforcement officials have argued that easily available encryption could facilitate criminal activity and hinder investigations.

Technology companies have staunchly supported maximizing data security and privacy, arguing that their users have the right to such protection.

Such was the case for Apple CEO Tim Cook last week, speaking at an event hosted by the Electronic Privacy Information Center. "We believe that people have a fundamental right to privacy," he said. "The American people demand it, the Constitution demands it, morality demands it."

Data privacy has also been in the spotlight with expiration this month of the controversial Patriot Act, which had allowed the wholesale collection by the US government of the "metadata" associated with phone calls. On June 2, President Obama signed into law the USA Freedom Act, which curtails that practice.

In the letter to President Obama, the industry organizations, which represent dozens of prominent technology companies including Adobe, Apple, Facebook, Google, Microsoft, Samsung, Sony and Yahoo, were responding to comments made on June by White House press secretary Josh Earnest, who indicated that the issue of data encryption in technology products is not only of interest to the president, but something he could act on at some point in the future.

The letter also appears to be another attempt on the technology industry's part to head off any legislative maneuver by the president or Congress to limit encryption and give the government easier access to user data.

In May, 140 companies, including Apple and Google, sent a similar letter to the White House, saying that data encryption is the "cornerstone of the modern information economy's security." In both messages, the companies argued that data encryption is not only justified, but necessary, as people seek private conversations without worrying about the possibility of government oversight.

The US government, and in particular FBI Director James Comey, have been especially concerned with data encryption. They have pointed specifically to Apple's iMessage instant-messaging platform, arguing that if a crime is being discussed on the service, its end-to-end encryption would make it impossible for law enforcement to step in, view it and potentially safeguard victims.

"If the government laid a subpoena on us to get your iMessage, we can't provide it," Cook confirmed in September. "It's encrypted, and we don't have the key."

Similar data encryption is running on Google's Android, the world's most popular mobile operating system. Together, Android and Apple's iOSowned 96 percent of the worldwide smartphone market in 2014, representing more than 1.2 billion devices -- figures that the US government has used to suggest that the encryption is not only widespread, but could already be used by criminals to safely chat without fear of government oversight.

In October, Comey said that " justice may be denied" because of strong encryption. He added that while he's not seeking a backdoor to easily access servers and obtain messages, he would like "to use the front door, with clarity and transparency, and with clear guidance provided by the law."

Comey has also pointed to the US Communications Assistance for Law Enforcement Act of 1994. That law mandates that telephone companies build wiretapping backdoors into their equipment for officials to listen in on suspected criminals. No such law mandates a similar backdoor for mobile devices.

In March, Comey's statement was echoed by US Deputy Assistant General David Bitkower, who said that data encryption that doesn't allow for law enforcement access gives a criminal or terrorist the opportunity to act at their will without fear of any prying eyes, effectively putting the US in danger. Giving law enforcement access to suspected criminal information, Bitkower said, is the "standard American principle for the last couple of hundred years."

In their letter to President Obama, the ITIC and the SIIA said any law that would broadly limit encryption would "deprive individuals of certain liberties."

The organizations did, however, extend an olive branch. They acknowledged that the balance between personal privacy and catching criminals is "complex"and offered to find "pathways forward that preserve security, privacy, and innovation."

For his part, President Obama has not made a significant move in one direction or the other. He said in an interview with Recode in February that he's a "strong believer in strong encryption" and he's sympathetic to companies "properly responding to market demand." Still, he sees the other side of the argument.

"I lean probably further in the direction of strong encryption than some do inside of law enforcement," the president said. "But I am sympathetic to law enforcement because I know the kind of pressure they're under to keep us safe. And it's not as black-and-white as it's sometimes portrayed. Now, in fairness, I think the folks who are in favor of airtight encryption also want to be protected from terrorists."

So far, the White House has not offered any agenda on data encryption and has yet to say whether it will.

The White House and Apple did not immediately respond to a request for comment.