Government Efforts to Weaken Privacy are Bad for Business and National Security

The federal government's efforts to require technology and social media companies to relax product security and consumer privacy standards—if successful—will ultimately make everyone less safe and secure.

Apple, Facebook, Twitter and countless other tech giants are actively opposing several methods the government uses to access encrypted or private consumer information. Carbonite, which is trusted to securely protect information for millions of businesses and individuals, stands with these companies in the fight to ensure the highest levels of customer privacy and security.

Whether it's providing investigators with a method to unlock iPhones on demand, or making it easy for the government to secretly surveil social media users, relaxed security standards will lead to a decrease in demand for American-made products. Weakened security will give the world's increasingly-sophisticated malicious hackers new opportunities to exploit innocent American victims.

Tech companies take a stand

The global debate over how best to balance privacy rights with the need to ensure national security was best exemplified when Apple CEO Tim Cook opposed a court order to unlock a password-protected iPhone following the San Bernardino, Calif. terrorist attack in 2016.

Apple argued that the federal government's request posed a threat to the security of all iPhone users because it would create a "backdoor" that nefarious actors could use to unlock the private encrypted information stored in an iPhone. Note: Investigators eventually accessed the phone's data with the help of a third party.

Other tech giants have taken public stands as well. Facebook is currently fighting a court order preventing it from informing users when investigators ask to search their online information. Facebook has taken the case to the Washington D.C. Court of Appeals, arguing that the court order violates the First Amendment rights of the company and its customers.

Microsoft last year sued the US government for the right to inform users when investigators seek access to emails that are stored remotely in the cloud, as opposed to directly on their devices.

While secrecy is certainly warranted in some criminal investigations, Microsoft argued that it is currently too easy for prosecutors to obtain secrecy orders from federal courts. During one 18-month period between 2015 and 2016, Microsoft received 5,624 legal orders requesting customer information. In 2,576 of those cases, Microsoft was prevented from disclosing to the impacted customer that investigators were seeking their records.

Can the government be trusted with our data?

The US government has been fighting hard to lower the bar by which it can gain access to individuals' personal data; but the government's track record when it comes to protecting its own data is far from stellar.

In 2015, the US Office of Personnel Management—essentially the human resources department for the federal government—fell victim to a massive data breach that exposed the private records of more than 20 million current and former federal employees. A recent Office of the Inspector General audit confirmed, more than two years later, that the agency still needs to improve the way it manages and protects information systems.

Customers demand security

Both businesses and individual have unfortunately grown accustomed to the fact that cyber-threats like ransomware, phishing scams and malicious hackers are ubiquitous. The result, however, is that technology buyers have become more sophisticated in their analysis of products.

People now think twice before downloading an app if it doesn't have four or five star reviews. They pay attention to details about security and privacy disclaimers, and they are increasingly more able to try and find out what types of information an app accesses when they download it.

There's a shift happening and security has taken center stage. Security software firms are darlings of the tech industry and companies that tout high levels of security are highly regarded. People want products from companies that take data security seriously.

Sounding the alarm

When describing the government's efforts to reduce consumer privacy and security, I like to use the analogy of a home alarm system: Suppose you have a home alarm that you set every night before you go to bed and whenever you leave the house to go to work. You are the only one with the alarm code.

Now imagine that one day you turn on the news and learn that Congress is debating a bill to provide the FBI and State Police Departments with default access codes to every single American home alarm system. Now, not only will you have your access code, but so will the United States Federal Government and your State Police Dept. Are you really willing to compromise your security like that? Who is protecting the default access code? How can you be sure it won’t be misused, lost or stolen?

During a time of increased cybersecurity threats, US tech companies should be focused on making their products more secure. Anything less will result in customers taking their business elsewhere, even if that means outside the country.

What’s Hot on Infosecurity Magazine?