Encryption debate centers on privacy
Nations are grappling with the problem of how to protect online communications from threats such as censorship, spam that clogs networks and cyberterrorists.
A top State Department official on Wednesday said despite global concerns about covert cybercrime, presidential administrations should not prohibit people from encoding their Internet messages, or rendering them indecipherable to law enforcement officials.
Nations, including the United States, are grappling with the problem of how to protect online communications from threats such as censorship, spam that clogs networks and cyberterrorists. But the solutions to the problem of safeguarding the free flow of information might unfortunately turn out to be counterproductive, said Ambassador Philip L. Verveer, deputy assistant secretary of state and U.S. coordinator for international communications and information policy.
He was speaking at an event hosted by Voice of America, a broadcasting service funded by the U.S. government. Officials from the FBI, State and independent research groups debated the issue of governments seeking more control over the Internet to defend national security.
"Some law enforcement [officials] say the way to contend" with cyber threats is to "basically make it illegal to encrypt electronic communications -- that, I think, is a mistake," Verveer said. "Our ability to speak freely on the Internet is in fact a function of the notion that it's not so easy to listen to us."
He argued that limiting the use of encryption would endanger freedom of speech and, perhaps counterintuitively, cybersecurity. Encryption secures networks and computer assets that are constantly under attack, Verveer noted.
But Richard McNally, FBI section chief for counterterrorism and counterintelligence, said law enforcement and security officials are having difficulty investigating communications that suspects are exchanging via "some of the more advanced technologies coming aboard right now."
Legislation that would make it possible to crack the coding might be necessary, he said. McNally did not name specific applications. "There are issues and we're working hard to overcome them. But we probably need to do more ... Congress and the president, I think, hopefully in the future will do more," he said.
The FBI wants to force software and hardware companies to be technologically capable of turning over customer content to the government when a court order is issued, department officials said recently.
By a show of hands, members of the Washington audience indicated they were more concerned about online privacy than the inability of law enforcement to get the information it needs.
McNally responded by noting there are legal processes and significant federal oversight in place to ensure government officials do not have easy access to people's information.
Martin Libicki, a senior management scientist who studies cyberwarfare at the RAND Corp., said some security tactics inadvertently were weakening the nation's cyber defenses.
"Everything about cybersecurity is unintended consequences," he said. "It's because information systems are so complicated that there's a divergence between the information system we have and the information systems we thought we were designing.... In that small divergence, those minute exceptions that are so hard to find but people seem to find them anyway, is the source of a large percentage of the cybercrime."