The debate continues.
Apple, along with other major technology companies, have formed the privacy-focused Reform Government Surveillance (RGS) coalition as part of an effort to fight government agencies pushing for the addition of encryption backdoors.
The RGS offered the following statement on Wednesday:
“Recent reports have described new proposals to engineer vulnerabilities into devices and services – but they appear to suffer from the same technical and design concerns that security researchers have identified for years. Weakening the security and privacy that encryption helps provide is not the answer.”
The statement itself refers to a report from March 26th, wherein it’s been stated that the FBI and Justice Department members had met with security researchers on ways to enable “extraordinary access” to encrypted devices, and are apparently convinced it is possible to enable a backdoor without weakening security completely.
The technique apparently involved a special access key that would be generated whenever a device encrypts itself and would also be used to detour around passcodes. Such a key would be stored locally in a separately encrypted space, similar to the Secure Enclave on iOS devices.
This system could require a number of employees at Apple and other technology firms to possess access to the key. Though potentially feasible, the large number of key holders themselves could raise the risk of leaks and thus undermine security.
The RGS also agreed to add a sixth core principle to its list, to guide its future advocacy efforts. The principle, titled “Ensuring Security and Privacy through Strong Encryption” via the following statement:
“Strong encryption of devices and services protects the sensitive data of our users. Strong encryption also promotes free expression and the free flow of information around the world. Forcing technology companies to create vulnerabilities that work against encryption would “undermine the security and privacy of our users, as well as the world’s information technology infrastructure.”
In lieu of adding a backdoor, the RGS stated that the companies comprising the group continue to collaborate with policymakers to “seek out common sense solutions that are consistent with established norms of privacy, free expression, and the rule of law.”
The RGS currently includes firms such as Apple, Google, Facebook, Microsoft, Oath, LinkedIn, Dropbox, Evernote, Snap, and Twitter. A previous effort by RGS involved writing an open letter to members of the US government and law enforcement, urging for a drastic change in surveillance laws, following the bulk-collection of data revealed by former NSA contractor Edward Snowden, with the revelations prompting the creation of the group.
Stay tuned for additional details as they become available.
Via AppleInsider and ZDNet