Our website uses cookies

Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing Infosecurity Magazine, you agree to our use of cookies.

Okay, I understand Learn more

Who Benefits from the Backdoor in Technology?

Where encryption policies of tech giants like Google, Apple, and Microsoft have provided people with data privacy, it has also constrained government from mass surveillance practices. Therefore, Governments demanding backdoors to encrypted communications is one of the greatest concerns among security experts and people nowadays.

The 2016 FBI vs Apple case was a similar clash between tech giants and law enforcement agencies in which a way to access encrypted data was demanded. However, laws such as Mandatory Data Retention that violate basic rights of individuals regarding online privacy are facing extreme criticism and opposition from the companies and civil liberty groups.

Privacy advocates renounce the spying practices of the governments, as uncovered by WikiLeaks. They argue that weak encryption or backdoors to people’s encrypted data could intensively harm privacy laws that also violate first and fourth amendment by US government which promotes people’s freedom and condemns unreasonable searches without a warrant.

Whereas, through declaring encryption as the dark corner for cybercriminals, governments around the globe are justifying their anti-encryption demands. “There's always been a corner of the room that was dark to us, where nation-states and the most sophisticated criminals would find ways to encrypt their data.” Former FBI director, James Comey said. He wants companies to create privacy defects into their encrypting features so that the government could intervene an individual’s personal data including credentials such as financial details, messages, photos etc.

Encryption being a technique used by most of the popular apps and tech giants are to provide the users a safe way without being attacked by cybercriminals and hackers. Recently, Google and Apple have announced default encryption’ for their smartphone customers. Through it, the data stored into the device will be unreadable to the one who tries to bypass encryption without knowing the correct password.

Most of the cyber experts and critics consider such backdoors a supportive opportunity for the hackers to perform malicious acts. On the other note, the violation of privacy at US borders where every single device and social media profiles are being investigated and the efforts of civil liberty groups like EFF have escalated the matter to a global level.

Now other governments are looking for USA’s anti-privacy laws as a yardstick, and people has become more aware of their digital privacy. But the question still remains whose ball is in the court now?

What’s The Solution?

ISPs Stance

After the new FCC regulations by Trump administration, US internet providers are divided into two groups with different viewpoints. Some of the internet providers such as Comcast, Verizon, and AT&T had said that they do not intervene the customer's privacy, but still customers are offered with the limited options of opting-out of collecting their data such as web browsing history.

Here, the privacy advocates are concerned about the fact that these unstable stances by the ISPs could be altered by them at any time. Also, the search results of a user are adjusted by the internet provider, showing their own marketing agency instead of customer’s expected search engines.

Government stances

Many of the laws by the government in the US were passed so that they could get encryption backdoors without being blamed for intervening people’s privacy. For this purpose, Obama and the other federal agencies proposed “split key approach” that would allow government and a business to share a single decryption key for personal data and sensitive information. Also, the White house officials had proposed another option of giving backdoor key access to the third party.

However, such solutions are not the end point to internet users concern. Companies are never immune to cyber-attacks and the governments have also been prone to such data thefts and vulnerabilities. Recently, a similar ransomware attack named WannaCry has affected more than 150 countries including the government systems also. The White House reported that almost $70,000 have been paid in order to regain the locked data.

Many countries sustain the surveillance laws with a condition that if a warrant is issued, then only the companies and tech vendors are obliged to provide information to the government. Although China has given many strict regulations in their anti-terrorism law that compel companies to provide “technical interfaces” and assist them the decrypting code if security forces ask for it.

The US is governed by the sovereign amendments such as first and fourth that are the yardstick for freedom of privacy. If the government deems it necessary to investigate electronic devices over suspects of terrorism then it should seek a judicial warrant, act within the boundaries of law, and does not overthrow it.

EFF Media Relations director and digital rights analyst, Rebecca Jeschke said: “It’s not fair or just to have a search at the border for no reason. We think that border agents should have a warrant before they search. That means they have to have probable cause that person committed a crime, and the judge has to agree. That’s not what’s happening now.”

User’s Privacy Fix

The internet user’s data has much to do with the privacy concerns. The internet providers and government authorities could do much with their collected personal data. Most often the user’s private data is been sold to the third parties for targeted ads and customized search result display to gain benefit.

Recently, the National Security Agency has ended their surveillance program of collecting emails probably due to the fact that it contains email addresses or contact numbers of foreign targets. That has raised the possibility of collecting the communications which are purely domestic.

However, you would never be sure about their decrypting activities behind the scene and nobody could really stop them doing it. To avoid such situation you could use a VPN for concealing your identity from prying eyes. VPN changes your real IP address so even if you are on a website that is unencrypted, your data is safe from surveillance.

As far as tech vendors such as Google, Apple, Twitter, Facebook, and others are concerned, there is no authenticity that how long they would deny the backdoor demands. Therefore, for genuine privacy, you could try secure browsers such as TOR. It provides you both anonymity and privacy against such surveilling activities, keeping your sensitive data safe. Privacy advocates and activist groups such as Electronic Frontier Foundation (EFF) also suggest TOR for online privacy and liberty.

Also, the browsing extensions such as Privacy Badger that is introduced by EFF, is a source to enhance privacy if loopholes are made into encrypting technique. It is a browser add-on that prevents any of invisible tracking activity and blocks spying ads. Using this could prohibit any further content from loading into your browser.

Conclusion

Users have become more aware of their privacy and follow the best practices such as encryption. The tech giants are playing their part of the responsibility to protect the privacy of their customers by providing better and secure communication experience and maintaining their brand. The whole business-customer relationship over encrypted messaging has challenged the surveillance practices of government which has created the façade of ‘backdoors for agencies’.

Although, national security is a serious matter that should not be skipped out entirely but it is not an excuse in itself to demolish the very laws that made the entire system. Violation of sovereign amendments and overthrowing judicial warrants is not an excuse for the government, and it should act within the boundary of law.

What’s Hot on Infosecurity Magazine?