When Edward Snowden, former CIA employee and former government contractor copied classified information from the United States National Security Agency (NSA) and United Kingdom Government Communications Headquarters (GCHQ) for public disclosure in 2013 – all hell broke loose. That prompted governments around the world to question all US technology and devices. It had China calling tech companies like Apple in for questioning about back doors in their software and in particular Apple's operating system. To prove that Apple had no back doors in their operating system, Apple's CEO Tim Cook agreed to submit Apple products for web security evaluations by Chinese authorities to appease the Chinese Government. Yet prior to Edward Snow's NSA blowout revelations, we didn't have end-to-end encryption and 'cyberlife' for the most part, wasn't much of an issue if users took basic precautions. Yet once Apple introduced their unbreakable encryption with iOS 8, they just decided to shut the door to cooperating with law enforcement, even with legal warrants. But it wasn't until the terrorist attacks in Paris last week where this issue really hit the fan.
One of this week's top news stories surrounded the issue of end-to-end encryption (one, two, three, four, five, six). Apple's iOS 9, an app called the 'Telegram,' the Sony Playstation 4 and other apps like Whatsapp took a beating from law enforcement and governments around the globe with the loudest complaints emanating from this week's Cybersecurity Conference held in New York City.
Due to the horrific terrorist attacks last week in Paris, no tech company wanted to be singled out for rebuking governments' requests to assist them in tracking down terrorists. So they chose the 'Information Technology Industry Council (ITI)' to be the collective voice for companies including Apple, Dell, Facebook, Google, Microsoft, IBM, Intel, Twitter and others. The ITI released the following statement two days ago from President and CEO Dean Garfield, in response to calls from the government to weaken encryption:
"Encryption is a security tool we rely on every day to stop criminals from draining our bank accounts, to shield our cars and airplanes from being taken over by malicious hacks, and to otherwise preserve our security and safety. We deeply appreciate law enforcement's and the national security community's work to protect us, but weakening encryption or creating back doors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy. Weakening security with the aim of advancing security simply does not make sense."
But where were these companies just two years ago on this issue? Was their newly found motivation to play the encryption card due to the threat of losing government contracts around the globe due to the NSA revelations? In part, more than likely. The position of it being for the sake people's privacy was just a marketing side benefit, the cherry on the cake that played right into people's paranoia of overreaching governments.
Apple and other companies could have done this years ago, but didn't. So their motivation to play the Pius card now, for some of us, is seen suspiciously as simply pandering to save profits; a point that was hammered home this past week by the New York Daily News:
"High-tech leaders like Cook and Schmidt are only making life easier for ISIS and other malefactors by putting the content on phones out of the reach of authorities who have warrants or are in the throes of a dire emergency. This is not a gift from God, it is a gift to the evil from profit-driven executives."
The issue of unbreakable encryption clashing with the needs of law enforcement with a legal warrant is now a global issue, with the UK likely to be the first to introduce legislation on this matter. Senator John McCain told reporters this past week that he would hold a series of hearings and eventually pursue legislation that would require companies to provide the government with access to encryption.
McCain's hearings will no doubt have Apple's Tim Cook up for drilling as one of America's top CEO's defending their new position of encryption under the guise of Privacy for the people.
Yet beyond the China issue, encryption is about building trust with consumers so that they'll be able to feel comfortable using next-gen services like Apple's Apple Pay – which is clearly a legitimate position. And so the upcoming hearings with John McCain will most interesting to follow indeed.
Will Apple's CEO be able to thread the needle just right and find a compromise on 'communications' encryption or will John McCain want a showdown at the O.K. Corral type of fireworks to show that the GOP's resolve on combating terrorists and the order of law is unyielding?
While only time will tell, I'd say that with 2016 being an election year, politics may very well rule the day. And, if further terrorist attacks should occur prior to the hearings, it's only get to get tougher for tech companies to get the committee to fairly hear their case. In the end, both sides will claim that the fix to the encryption impasse is "just common sense." But in this case, the one holding the gavel is likely to be the one that wins the day.