The Secretary of Department of Homeland Security (DHS), Jeh Johnson, recently made a public appeal to the cybersecurity technology vendors at the RSA 2015 conference (see here). He asked the technology vendors to take into account that “Our (US Government) inability to access encrypted information poses public safety challenges” and basically asked for help to weaken encryption technologies so that authorities can easily get access to everything. This was not a by-mistake misspeaking. It was a well crafted written statement aligned with other public and private statements from the US Government in recent years in the post Snowden era.
Now we have a public response to this appeal. More than 100 organizations, including tech leaders such as Apple, Google, Facebook, and Twitter joined forces and signed a public letter to President Barak Obama regarding the importance of keeping the cybersecurity infrastructure…well…secured.
After years of knowingly or semi-knowingly cooperating with the US Government we have a new approach from the industry. A kind of “Declaration Of Independence” of Cyber-Security, arguing that no government should own secret keys to everything and that it is the US best long-term interest to take a stand as the leader of the free world in this matter. The letter states:
“We urge you to reject any proposal that U.S. companies deliberately weaken the security of their products. We request that the White House instead focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology. Such policies will in turn help to promote and protect cybersecurity, economic growth, and human rights, both here and abroad.”
See the actual letter here.
This is a really wonderful progress. A clear voice arguing that the costs of weakening security outweigh the benefits in a big way.
We are now waiting to see the official response from the President to this direct and public letter.