The precarious cybersecurity balancing act

Posted on by

When British Prime Minister David Cameron publicly called on the worlds biggest technology firms to assist law enforcement agencies in breaking digital encryption, he became the latest politician to assert that it is possible to balance Internet security and surveillance.

Whether that balance actually exists, however, is the subject of intense debate.

Prime Minister Cameron travelled to Washington late last week to meet with U.S. President Barack Obama. One of the major topics of conversation between the two leaders is digital security a group of 12 U.K.-based cybersecurity firms is also travelling with the Prime Minister.

The U.K. is already leading the way in cybersecurity and this government is committed to ensuring it continues to be a leader in this multibillion dollar industry, the Prime Minister said in a statement on the eve of his U.S. trip.

But what was originally planned as a discussion about British plans to strengthen digital security has suddenly become, in many security experts view, a discussion about doing the exact opposite. In the immediate aftermath of the Paris shootings one of the worst acts of terrorism in postwar French history Mr. Cameron has publicly called for technology companies to co-operate with efforts to allow British law enforcement agencies to crack encryption, the fundamental building block of digital privacy.

Its really odd in one breath to talk about improving cybersecurity and then in another breath call on companies to weaken security by weakening encryption, said Christopher Soghoian, principal technologist with the American Civil Liberties Union.

There is no way to design the system to keep the Chinese and North Koreans out but let the North Americans and British in.

Encryption is, at its most basic level, a means of keeping information secret using very large numbers. Just as a 15-digit PIN is harder to guess than a four-digit PIN, high-grade encryption algorithms that manipulate larger numbers are usually harder to break. As such, all things being equal, encryption is not only a fairly effective means of keeping data private, its effectiveness can also be mathematically measured.

But ever since the Edward Snowden leaks revealed widespread claims of authorized and unauthorized government surveillance of many of the worlds most popular digital services and social networks, the technology giants responsible for those services have taken great pains to improve their encryption standards.

(The motivation for doing so is, primarily, financial companies such as Google, Microsoft and Apple stand to lose billions if enterprise customers such as banks and other large corporations no longer trust their systems to keep sensitive information private.)

Read more:
The precarious cybersecurity balancing act

Related Posts
This entry was posted in $1$s. Bookmark the permalink.