Snowden Intervenes In The Encryption Debate

Uploaded on 2016-05-02 in NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW, BUSINESS-Services-IT & Telecoms

NSA whistleblower and privacy advocate Edward Snowden took part in his first public debate on encryption recently, facing off against CNN’s Fareed Zakaria, a journalist and author known for his coverage of international affairs.

Zakaria, in New York, defended the government’s right to access any and all encrypted messages and devices as long as there’s court approval. Snowden, speaking from safety over a live video-link from Moscow, argued the security of the Internet is more important than the convenience of law enforcement. The debate was organised by NYU’s Wagner School of Public Service and the Century Foundation.

Though Zakaria started off firm in his conviction that law enforcement should be able to get hold of all digital messages with court approval, he gradually conceded that it may not be that simple. Zakaria said he himself doesn’t actively encrypt any of his communications, assuming everything will be fine — though Snowden pointed out that, since he has an iPhone, some of his data and communications are encrypted by default.

Zakaria opened the debate by posing a hypothetical: Bank of America creates an “iVault” allowing anyone to store all their financial data totally encrypted. An embezzler could take advantage of that service to hide the evidence of their misdeeds, foiling investigators. “I understand within a democracy, you have to sacrifice liberty for democracy at some point. You cannot have an absolute zone of privacy,” he said.

Snowden agreed with Zakaria that absolute zones of privacy don’t exist, and that encryption does pose real problems for law enforcement. But he disagreed that universal access is the best way to solve the problem. “For the government to unlock everything there has to be a key to everything. Every other person in the world can find that key and use it too,” he said. “It’s a fundamental problem of science.”

Instead, he suggested, police should take advantage of the many other options available to them. He cited the investigation into the founder of Silk Road, an anonymous, encrypted platform for black market drug sales. In that case, a team of investigators caught the mastermind at the library after he typed in his password.

“Encryption is not an unbreakable wall,” Snowden said. “Or if it is, it is one we can get around, if we are patient, if we are careful, if we think and plan how to go about our investigations.”

By the end of the debate, Zakaria said he did not support the legislation proposed by Senators Richard Burr, R-N.C., and Dianne Feinstein, D-Calif., which would mandate companies to immediately decrypt all communications when asked by a court. The bill has been heavily criticised by technologists.

And Zakaria acknowledged that if it was genuinely impossible for a company to decrypt communications, then the court should accept that, though it would be a “hard case.”

“If WhatsApp says we literally do not know how to write this code, WhatsApp could demonstrate to a court that they don’t have to do it,” Zakaria said.

He concluded by encouraging greater clarity about what kind of communications the government can and cannot access, before the next disastrous terrorist attack. “We do face real threats out there. There are people out there trying to do bad things. Once they happen, the government will be given carte blanche,” he said.

Snowden noted that former security officials now proclaiming the value of unbreakable encryption, including former NSA director Michael Hayden, had considered those questions carefully and had fallen on the side of computer security.
The Intercept: http://bit.ly/1SqWg

« Bangladesh Bank Hackers Compromised SWIFT
Driverless Trucks Are On The Way. »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

LogicManager

LogicManager

LogicManager offer a complete set of IT governance, risk and compliance software solutions and advisory services.

Hague Security Delta (HSD)

Hague Security Delta (HSD)

The Hague Security Delta Campus is home of the leading cyber security cluster in Europe with an Innovation Centre, labs and training facilities.

GuardKnox

GuardKnox

GuardKnox protects the users of connected vehicles against threats that can endanger their physical safety and the safety of their personal information.

National Center for Manufacturing Sciences (NCMS)

National Center for Manufacturing Sciences (NCMS)

NCMS is a cross-industry technology development consortium, dedicated to improving the competitiveness of the US industrial base. Strategic initiatives include industrial cyber security.

Travelers

Travelers

Travelers is a leading writer of US commercial property casualty insurance and one of the world’s largest global insurers for cyber insurance.

Upfort

Upfort

Upfort (formerly Paladin Cyber) unifies award-winning security and robust cyber insurance to deliver comprehensive cyber risk solutions.

astarios

astarios

astarios provide near-shore software development services including secure software development (DevSecOps), quality assurance and testing.

ConnectWise

ConnectWise

The Unified ConnectWise Platform offers intelligent software and expert services to easily run your business, deliver your services, secure your clients, and build your staff.

BreachLock

BreachLock

Breachlock delivers the most comprehensive Penetration Testing as a Service (PtaaS) powered by Certified Hackers and AI.

Sunartek Labs

Sunartek Labs

Sunartek are equipped with expert resources and advanced technology to identify cyber threats and prevent any breach, bypassing the security network of your organization.

Zilla Security

Zilla Security

Zilla combines identity governance with cloud security to deliver comprehensive access visibility, reviews, lifecycle management, and policy-based security remediation.

SilverEdge Government Solutions

SilverEdge Government Solutions

SilverEdge is a next generation provider of innovative and proprietary cybersecurity, software, and intelligence solutions for the Defense and Intelligence Communities.

SecurityStudio

SecurityStudio

SecurityStudio is a continuous cybersecurity risk management platform that allows decision-makers to quickly identify the most immediate threats and make confident risk informed decisions.

Bastion Technologies

Bastion Technologies

All your cyber defense. One platform. Keep your business assets and employees safe under one roof. Manage your cyber defense quickly, easily & efficiently.

Standard Notes

Standard Notes

Standard Notes is a secure digital notes app that protects your notes and files with audited, industry-leading end-to-end encryption.

Genix Cyber

Genix Cyber

Genix Cyber provides world-class cybersecurity services that protect systems, cloud applications, infrastructure, critical data, and networks from evolving cyber threats.