Battle brews as tech companies attempt to fend off NSA hacking

Google, Facebook, Yahoo, and others are all improving their data encryption to discourage the NSA from accessing user information.

Don Reisinger

CNET contributor Don Reisinger is a technology columnist who has covered everything from HDTVs to computers to Flowbee Haircut Systems. Besides his work with CNET, Don's work has been featured in a variety of other publications including PC World and a host of Ziff-Davis publications.

See full bio

Don Reisinger

Nov. 15, 2013 8:20 a.m. PT

2 min read

The NSA allegedlygathered millions of records from Google and Yahoo data centers around the world, but soon, the agency might have a much harder time trying to collect this type of data.

Google, Yahoo, Microsoft, Apple, and other prominent technology companies are investing heavily in stronger, 2048-bit encryption. Due to computing power constraints, it's expected to be more than a decade before this type of encryption can be easily overcome.

Google, one of the leaders in the effort, announced in May that it would switch over to 2,048-bit encryption keys by the end of 2013. Yahoo recently confirmed to Bloomberg, which spoke with several tech companies that are investing in new encryption, that it will make 2048-bit encryption standard by January 2014 for all its Mail users. Facebook also plans to move to 2048-bit encryption, a spokeswoman told Bloomberg, and will roll out "perfect forward secrecy," a feature that prevents snoopers from accessing user data even if they can access the company's security codes.

Microsoft and Apple are also reportedly ramping up their data-security efforts.

The technology companies' renewed interest in data security and encryption comes after several reports have suggested that the NSA has been accessing their data and using it for spying purposes. Those firms have gone on the record saying they comply with legal requests where appropriate, but are doing everything they can to keep user data safe. The investment in 2048-bit encryption is the next step in protecting the privacy of users.

Still, encryption is just one small piece of a broader puzzle the technology companies have yet to solve.

The NSA has the ability to overcome a wide array of security protocols. Last month, in fact, James Clapper, the director of national intelligence, said that the US employs "every intelligence tool available" to cull data from national security threats, according to Bloomberg. Whether those efforts are applied to technology company servers has been debated, though leaks from former NSA contractor Edward Snowden and others suggest they are.

Even so, the improved encryption efforts could lengthen the time at which it takes the NSA and other spying agencies around the world to access user information. And that's at least something.