I can’t help but discuss the pickle we are all in regarding our right to privacy and the ability of our government to keep us safe. If you have not heard of the FBI vs. Apple news you may want to pay attention. This battle has been brewing for years, and the decisions coming out of this case will impact our security for years to come.
In essence, Apple has built a lot of security into their phones. So much so, the FBI and local law enforcement cannot access the data on an iPhone if the security is setup correctly. The FBI is using the case of the terrorist couple in San Bernardino who shot 14 people. They have a cell phone that they want Apple to “fix” so they can see what is on it. Problem is, Apple will have to develop new firmware for the device to do this, in essence creating a “back door” to all iPhones that the government can use at will.
Now, the FBI (and other three-letter agencies) state they will only use such technology (if it existed) with a court order. However, we have learned from former NSA employee Edward Snowden that the NSA actually went much further in their role collecting all sorts of information on American citizens in the name of security. They were caught red-handed spying on millions of us without our knowing and pushing all the limits of due process.
I attended a technology conference last year where ex-FBI Assistant Director Jana Monroe spoke. She was director of the newly formed Cyber Division and is listed as one of the top 10 cyber security leaders in the United States. I asked Jana in public: If the government had a back door to all our encrypted devices, did she feel the government could keep this secure in light of all the security breaches with the OPM and other government databases? She said no.
As a IT service provider and consultant, I am being told by our government that we all need to encrypt critical information. In fact, under new regulations like HIPAA (for health information) and PCI (for credit card processing), you can face heavy fines if you don’t beef up security and encrypt. It’s the law.
So what can we do? On one hand, we need to increase security. On the other hand, our three letter agencies need to keep tabs on the bad guys. Based on the opinion of one of the founders of the FBI cyber division, if the government had a “back door” to all our encryption, they wouldn’t be able to keep it a secret for long. Every state and local law enforcement agency will want the master keys for their investigations. We all know how that will turn out.
In my opinion it comes down to this: Encryption is here to stay. There are hundreds of encryption programs all over the world that will happily supply encryption technology to anyone who pays for it–including terrorists and criminals. Anybody who wants to communicate via encryption can. It is not rocket science.
Encryption is just math, and you cannot outlaw math. Merely producing a back door for the good guys is making a door available for the bad guys. This is backed up by nearly every cyber security expert out there. The best way to protect our data is solid encryption with no front door, back door, or any other door to access it except the key held by the people who encrypted it. This is why Apple CEO Tim Cook is drawing a line in the sand. He and many others in the tech industry understand this concept and see the coming firestorm between government and private security.
This will be interesting to follow in the coming months, because it will impact us for many years to come. I have no idea what the solution could be at this point.