Privacy

Department of Justice Urges Weakened Cybersecurity

08.04.15

On Friday, July 8, 2015, the U.S. Department of Justice actually recommended in a congressional hearing that Congress pressure companies to weaken their encryption efforts by building into them a so-called “back door” into their products.

Supposedly, according to the DOJ, commercial information technology is becoming so protected by encryption that even companies servicing that technology can’t access the information it protects. It also gets in the way of legitimate law enforcement investigations, thus impacting national security.

The DOJ indicated that, while it’s not yet trying to get this recommendation mandated into law, it isn’t ruling that out in the future.

The ACLU always has opposed efforts to mandate weakened securityencryption. “Whether through a mandate or another form of government pressure, weakened cybersecurity is a lose-lose proposition for security and privacy,” said Neema Singh Guliani, ACLU Legislative Counsel.

She reports:

  • Authorities in the intelligence field maintain it’s impossible to make a law enforcement backdoor that isn’t also open to criminals, hackers and dishonest government individuals.
  • The DOJ offered no evidence that weakened cybersecurity is actually needed.
  • Government-mandated cybersecurity weakening puts the private sector even more solidly into a position of responsibility for building the government’s surveillance infrastructure.

This DOJ recommendation, if it is adopted, does not protect national or corporate security. More important, it also threatens critical Fourth Amendment guarantees of personal privacy.