US Deputy Attorney General Rod Rosenstein issues ignorant call for “responsible” encryption
1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 3.67 out of 5)

US Deputy Attorney General Rod Rosenstein issues ignorant call for “responsible” encryption

The deputy attorney general is framing this argument all wrong.

On Tuesday, in the course of a larger speech at Annapolis, Maryland, deputy Attorney General Rod Rosenstein – speaking on behalf of the US government – called for “responsible” encryption. Or, put another way, breakable encryption.

This is how Rosenstein explains it:

When encryption is designed with no means of lawful access, it allows terrorists, drug dealers, child molesters, fraudsters, and other criminals to hide incriminating evidence.

This is an incredibly myopic perspective and one that isn’t even consistent with other positions taken by the DOJ and the current administration.

Let’s start with why it’s myopic

The entire point of encryption is to be unbreakable. Encryption was not created with oversight in mind. It’s meant to scramble a message in a way that only allows an intended recipient, with a corresponding key, to decrypt it. That’s basic.

The concept of “responsible” encryption fails simply for being oxymoronic in the context it’s being used. But beyond that, if somebody possesses the means to crack industry-standard encryption then everyone will eventually have the means. It’s either incredibly arrogant or amusingly naïve to think that weakening encryption wouldn’t result in someone else figuring out how to crack it, too.

And assuming that logic IS correct and nobody else does possess the means to crack publicly-available encryption—do you really expect us to trust you to keep it safe? Right now, on a near-weekly basis, the NSA’s entire digital espionage playbook is being laid out for the world to see. Other government agencies have also been targeted recently. The US Government is being breached on a near-daily basis.

There’s no guarantee the government could even keep the key safe.

And that brings us to another question. What encryption does the government intend to use? Does this spell the intention to create classes of encryption in which civilian encryption pales compared to military or government encryption? Is that even feasible? Have you even thought it this far through?

Encryption is a tool. It’s neither good nor bad on its own. It’s simply a way to obfuscate information. The conduct of the person using the encryption should have no bearing on its greater legality.

Isn’t that the logic behind our current gun laws?

And that’s a nice segue into the second part of this discussion: this stance isn’t even consistent with some of the DOJ and the Trump administration’s current positions.

When someone uses a semi-automatic rifle with a bump stock to kill nearly 60 people and injure over 500 in Las Vegas we don’t blame the guns. We don’t make this kind of argument. I’m not commenting on gun control – we’re an SSL company, let’s not get any more political than we already are – it’s just the lack of consistency that bothers me.

It’s never that the guns allow criminals to perpetrate acts of violence that we can’t stop so we need to weaken them for public safety.

Granted, people make that argument after these tragedies but that logic never prevails. Never.

So why is encryption any different? The vast majority of encryption users are law-abiding citizens. Why should their rights be trampled because of the actions of a select few?

Outlawing encryption because it makes it difficult to spy on communication is like outlawing whispering because you can’t hear what people are talking about.

Still, Rosenstein joins a growing chorus of politicians that don’t really understand encryption but still want to regulate it. We, as private citizens, can’t allow that to happen. Rosenstein says we don’t have a right to absolute privacy. That’s an ironic position for a Republican that favors a smaller government to take and one I vehemently disagree with.

Statements like Rosenstein’s are exactly why we need encryption. You DO have a right to privacy. Don’t let anyone tell you otherwise.

  • In what world do you think that everything is subject to a lawful search warrant **EXCEPT** your iPhone? This cannot be acceptable to a reasonable person. There are cases where a victims phone has potential evidence in her murder but Apple is claiming that this is somehow a violation of her privacy? This cannot be allowed to stand.

  • We already know that the government has the ability to hack into an iPhone if necessary. They want a master key to everyone’s phone because hacking requires work, which limits them to only looking at a select few phones with a good reason (i.e. what the Constitution says they’re supposed to be doing anyway) and prevents them from snooping on everybody (i.e. what the Constitution forbids but the people in power want so badly they can taste it).

    • Marcus – we’ve spoken about this, but to require every police department to hack into phones on a case by case basis, we’re going to let a lot of murderers walk because it’s going to be cost prohibitive.

      Again, there is no exception that can be tolerated for certain devices to be immune to lawful warrants and court order. You’re looking at this as a tech person, try looking at this as a regular person.

      • And the constitution is not being breached by a lawful warrant. The current situation is that there is no way to get into a suspect (or victims) device, warrant or not, except by spending enormous amounts of money to third party groups. This means that we will accept two things:

        1. Some evidence will simply be too expensive to get
        2. We insist that device manufactures ‘unlock’ devices with a court order.

        #1 is intolerable, and if you stand on that, you will lose everything.
        #2 does involve the govt. having some master key. That argument is a complete canard.

Leave a Reply

Your email address will not be published. Required fields are marked *

Captcha *