Michael Hayden Ran The NSA And CIA: Now Warns That Encryption Backdoors Will Harm American Security & Tech Leadership
from the good-for-him dept
There are very few things in life that former NSA and CIA director Michael Hayden and I agree on. For years, he was a leading government champion for trashing the 4th Amendment and conducting widespread surveillance on Americans. He supported the CIA’s torture program and (ridiculously) complained that having the US government publicly reckon with that torture program would help terrorists.
But, there is one thing that he and I agree on: putting backdoors into encryption is a horrible, dreadful, terrible idea. He surprised many people by first saying this five years ago, and he’s repeated it a bunch since then — including in a recent Bloomberg piece, entitled: Encryption Backdoors Won’t Stop Crime But Will Hurt U.S. Tech. In it, he makes two great points. First, backdooring encryption will make Americans much less safe:
We must also consider how foreign governments could master and exploit built-in encryption vulnerabilities. What would Chinese, Russian and Saudi authorities do with the encrypted-data access that U.S. authorities would compel technology companies to create? How might this affect activists and journalists in those countries? Would U.S. technology companies suffer the fate of some of their Australian counterparts, which saw foreign customers abandon them after Australia passed its own encryption-busting law?
Separately, he points out that backdooring encryption won’t even help law enforcement do what it thinks it wants to do with backdoors:
Proposals that law-enforcement agencies be given backdoor access to encrypted data are unlikely to achieve their goals, because even if Congress compels tech firms to comply, it will have no impact on encryption technologies offered by foreign companies or the open-source community. Users will simply migrate to privacy offerings from providers who are not following U.S. mandates.
Indeed, this is the pattern we have seen in Hong Kong over the last six months, where pro-democracy protesters have moved from domestic services to encrypted messaging platforms such as Telegram and Bridgefy, beyond the reach of Chinese authorities. Unless Washington is willing to embrace authoritarian tactics, it is difficult to see how extraordinary-access policies will prevent motivated criminals (and security-minded citizens) from simply adopting uncompromised services from abroad.
None of this is new, but it’s at least good to see the former head of various intelligence agencies highlighting these points. At this point, we’ve seen intelligence agencies highlight the value of encryption, Homeland Security highlight the importance of encryption, the Defense Department highlight the importance of encryption. The only ones still pushing for breaking encryption are a few law enforcement groups and their fans in Congress.