Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Friday, 06 March 2020 08:33

US bid to ban encryption without actually banning it

By
US bid to ban encryption without actually banning it Pixabay

In Australia, the government is using the increasing incidence of online child sexual exploitation to give the military intelligence agency, the Australian Signals Directorate, a domestic role. It claims this role will be restricted only to cases of child sexual abuse.

In the United States, the same crime is being used to try and push through a bill that will restrict the freedom of Americans to use encryption for their data and communications.

Australia's intentions were made clear on 19 February when Australian Federal Police commissioner Reece Kershaw, Australian Criminal Intelligence Commission chief executive Michael Phelan and Australian Transaction Reports and Analysis Centre chief executive Nicole Rose made presentations at the National Press Club, claiming that current laws had been overtaken by technology and needed to be changed.

None of them mentioned that Australia already has a law in place to force companies to break encryption, this legislation having been passed in December 2018. Like Oliver Twist, they all asked for more. The mainstream media, and indeed even smaller publications, have kept mum about the possibility that the ASD would be allowed a role in domestic cases.

The UK was the first to pass a law that would enable officials to force the breaking of encryption, but in the US it would be somewhat more difficult to get such legislation passed. So the Americans are taking a circuitous route.

As American cryptography fellow Dr Riana Pfefferkorn, who works with the Stanford Centre for Internet and Society, put it, the US is trying to ban encryption without actually banning it.

The tussle between Apple and the FBI in 2016, over the latter's demand that the company provide a means for it to gain access to data on a terrorist's iPhone, showed that tech outlets would not accede to demands that they felt would impact on any selling point of their products. That case ended with the FBI using the services of a third party to gain access to the data in question.

But after that, following the 2016 US presidential election, and the allegations of Russian interference, public suspicion of companies like Facebook has grown. Increasing data leaks have not helped either and the government now feels the public mood is right to act.

The US assistant attorney-general for national security John Demers went on the record late last month saying that the Department of Justice had given up hopes that tech companies would voluntarily backdoor their own encryption.

Instead, said Demers, the DoJ was focused on passing legislation that forces companies to co-operate – "and is hoping encryption-limiting laws in Australia and the United Kingdom will ease the path for a similar law in the United States".

The law that is sought to be passed is called the EARN IT Act. Currently, section 230 of the Communications Decency Act allows online platforms to escape liability for things their users say and do; for example, you can sue the person who defamed you on a platform like Twitter, but not the platform itself. An amendment to this section in 2018 has made platforms liable for publishing information “designed to facilitate sex trafficking”.

The other law that is relevant to this discussion is the Communications Assistance for Law Enforcement Act of 1994 which mandates that telecommunications carriers must open their networks to tapping by law enforcement when served with a warrant. Information services are not covered, though. Additionally, CALEA places no restrictions on encryption.

US politicians are not happy with this, but have shown no appetite for amending CALEA. Enter the EARN IT Act which aims to force online platforms to adhere to any practices laid down by a federal commission to combat child sexual abuse material online. The stick is that any platform that does not adhere to the mandated practices will lose the immunity to lawsuits that is guaranteed by Section 230.

There is another US federal law that governs the behaviour of online platforms with regard to child sexual abuse material; when they find any such material, they have to report it to the authorities. But they are not required to monitor or filter content on their sites to look for such material. If platforms report abuse material when they find it, they cannot be penalised either by federal or state courts. However, criminal cases can still be brought against platforms for intentional misconduct.

The new bill makes it necessary for platforms to earn the immunity that Section 230 has afforded so far. And one of the conditions for earning that immunity could well be the ditching of end-to-end encryption. That would, incidentally, also achieve the task of modifying the cover that CALEA affords to information services as it makes no requirement from them on encryption.

That the bill is being put forward at a time when there is a hue and cry about the privacy of individuals — which can be ensured only through strong encryption — has not gone unnoticed. Senator Lindsay Graham, one of the Republican senators putting forward the bill, has admitted that this does not make much sense.

But like all government initiatives, when the spectre of child sexual abuse is raised, people hesitate to say anything, and stand idly by while more and more draconian legislation is shoved onto the law books.


Subscribe to ITWIRE UPDATE Newsletter here

GRAND OPENING OF THE ITWIRE SHOP

The much awaited iTWire Shop is now open to our readers.

Visit the iTWire Shop, a leading destination for stylish accessories, gear & gadgets, lifestyle products and everyday portable office essentials, drones, zoom lenses for smartphones, software and online training.

PLUS Big Brands include: Apple, Lenovo, LG, Samsung, Sennheiser and many more.

Products available for any country.

We hope you enjoy and find value in the much anticipated iTWire Shop.

ENTER THE SHOP NOW!

INTRODUCING ITWIRE TV

iTWire TV offers a unique value to the Tech Sector by providing a range of video interviews, news, views and reviews, and also provides the opportunity for vendors to promote your company and your marketing messages.

We work with you to develop the message and conduct the interview or product review in a safe and collaborative way. Unlike other Tech YouTube channels, we create a story around your message and post that on the homepage of ITWire, linking to your message.

In addition, your interview post message can be displayed in up to 7 different post displays on our the iTWire.com site to drive traffic and readers to your video content and downloads. This can be a significant Lead Generation opportunity for your business.

We also provide 3 videos in one recording/sitting if you require so that you have a series of videos to promote to your customers. Your sales team can add your emails to sales collateral and to the footer of their sales and marketing emails.

See the latest in Tech News, Views, Interviews, Reviews, Product Promos and Events. Plus funny videos from our readers and customers.

SEE WHAT'S ON ITWIRE TV NOW!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments