UK security experts have come out in support of a Dutch government statement against weakening encryption for the purposes of law enforcement and
The Dutch government’s view is that strong encryption is essential for the security of the country, and the Netherlands will not follow the trend of weakening
encryption for security purposes. The Dutch executive cabinet endorses the importance of strong encryption for internet security to support the protection of privacy for citizens, companies, the government and the entire Dutch economy, .
This statement comes in contrast to the UK government’s draft Investigatory Powers Bill, which is aimed at giving police and security forces easier access to digital communications. China and the US are also considering similar legislation that will require technology firms to give authorities access to encrypted internet traffic.
According to US reports, the White House has already begun raising its concerns with tech firms about reports that terrorists may have used encrypted
technology to co-ordinate and plan the attacks in Paris on November 13th 2015 that killed 130 people.
Dutch minister Van der Steur, extolled the virtues of encryption, which include enabling the Dutch government to communicate online safely with its citizens about taxes and digital IDs. “Cryptography is key to security in the digital domain,” he said. Mr Van der Steur also said that “infringement is permissible” given “a legitimate purpose” with regulation and restriction by law.
Concerns about terrorists using encryption
The ongoing debate on the strong encryption has been fuelled by the November 2015 terror attack in Paris and the US shootings in San Bernadino on December 2nd 2015.
Tashfeen Malik, one of the attackers in the December 2nd shooting in San Bernardino, also posted extremist messages, including a pledge to the leader of Islamic State on a Facebook page, according to law enforcement authorities, underlining concerns about the use of social media by terror groups.
In November 2015, the Information Technology Industry Council (ITI), which represents more than 60 major tech companies including Google, Apple, Microsoft, Intel and Facebook, said in an open letter to US president Barack Obama that it opposes “any policy actions or measures” by the federal government that would undermine encryption technologies.
“The decisive announcement from the Netherlands to maintain strong encryption and avoid implementing back-door access sets a powerful example that other world governments should follow,” said Nithin Thomas, co-founder and CEO of London-based security firm SQR Systems.
“Mr Van der Steur is correct in asserting that strong encryption is vital to the privacy and security of the entire country. Creating back doors in encryption
technology would just as readily create access for hackers as it would intelligence services, leaving everything from individual financial data to national secrets at risk,” he said.
According to Thomas, instead of pursuing any approach that would make current encryption technology less secure, the organisations and individuals that own the data must be able to access and control it themselves.
“This would allow them to comply with legal needs during investigations and criminal proceedings without compromising security. This requires communications service providers to re-think their communications security architecture and corporate policy to enable them to deal with legal intercepts.
In December 2015, Ross Anderson, professor of security engineering at the computer laboratory at the University of Cambridge, told the Joint Committee on the Draft Investigatory Powers Bill inquiry that if surveillance technologies are used in ways that do not have public support, it undermines trust between citizens and police.