Department of Homeland Security Desperately Wants Greater Co-operation From Silicon Valley
At the RSA conference, Secretary of Homeland Security Jeh Johnson addressed hundreds of security professionals, delivering a message that was perhaps not well-received.
There were two very important notes in the speech. One, that DHS will be building a satellite office in somewhere near the San Francisco valley, “to strengthen critical relationships in Silicon Valley and ensure that the government and the private sector benefit from each other’s research and development.” And two, that encryption back doors are high on the DHS’ agenda.
The Department of Homeland Security has both the cybersecurity mission and a law enforcement/counterterrorism mission for the American people. We have feet in both camps. I therefore believe I have a good perspective on this issue. […] The current course we are on, toward deeper and deeper encryption in response to the demands of the marketplace, is one that presents real challenges for those in law enforcement and national security.
Let me be clear: I understand the importance of what encryption brings to privacy. But, imagine the problems if, well after the advent of the telephone, the warrant authority of the government to investigate crime had extended only to the U.S. mail. […] Our inability to access encrypted information poses public safety challenges.
In fact, encryption is making it harder for your government to find criminal activity, and potential terrorist activity. […] We in government know that a solution to this dilemma must take full account of the privacy rights and expectations of the American public, the state of the technology, and the cybersecurity of American businesses.
Google & Apple
Google and Apple have repeatedly rebuffed the government’s demands for back doors to encryption, and it is well-known that the NSA has for several years had access to the majority of what takes place on American communications networks. However, if that data is encrypted and the government does not have the private keys to it, then it’s virtually useless to them in an investigative capacity.
DHS hopes to change this by developing closer relationships with businesses whose customers will immediately leave them in the event that they begin openly co-operating with spy agencies. Google and others at its level are well aware that enthusiastic co-operation with government agencies is a sure way to alienate privacy-minded customers. The extent of the information these companies have on their customers is staggering, and the government could learn a thing or two about voluntary data collection from Google, Facebook, and others.
If DHS is serious about pursuing this effort in the absence of legislation, they will most likely not get the results they are looking for. Companies have firm agreements in place with their customers about how their data is shared, and one of the rare cases where the government is given open access is pursuant to an ongoing criminal investigation. Companies do not operate on the premise that most of their customers are engaged in criminality, so handing over the keys to the data vault just seems unlikely.
However, it’s interesting that Johnson seems willing to get what he wants through negotiation, rather than force. But after the Edward Snowden revelations, it will be a long time before the various agencies he oversees will have an image that is positive enough in the minds of technologists. Until then, a co-operative relationship between Silicon Valley and them will appear onerous.
Images from Shutterstock.