Tech Industry and Non-Profit Groups Criticize National Security Agency’s Encryption-Cracking

WASHINGTON, September 6, 2013 – In the wake of reports in The New York Times, ProPublica, and The Guardian that the National Security Agency had embarked on a system of cracking widespread industry-used encryption protocols, at least one industry group and non-profit organization highlighted the need for the nation to “redraw its boundaries around surveillance.”

According to a statement issued by the Ed Black, President and CEO of the Computer and Communications Industry Association:

“We remain confident that the professionals involved in NSA surveillance efforts are dedicated, competent patriotic people who truly believe they are on a mission to protect our country. But we must stress that, without proper checks and balances, these efforts can erode the very principles and freedoms our country was founded on.  In the absence of vigorous oversight, the NSA has been able to leverage existing, limited laws beyond the breaking point to expand its purview, threatening constitutional rights and vital national interests in the process.

“This is a tragic case of myopia on the part of the NSA, and the surveillance infrastructure throughout the government. Our surveillance agencies have been so focused on succeeding in its own narrow (and noble) mission, that it seems the agency will allow no loosely-crafted law and no cybersecurity door to stand in its way. This gives us little confidence that, where legal restraints are concerned, the NSA won’t continue to seek ways to evade oversight and disregard Constitutional rights.

“There are also practical concerns around the NSA’s efforts.  By secretly embedding weaknesses into encryption systems in order to create a “back door” for surveillance access, the NSA creates a road map for similar cyber-incursions by others with less noble intentions. Back doors, of course, can be used by anyone smart enough to find them.

“How we collectively deal with this issue will say a lot about what kind of country we have become. The problem goes beyond the technical aspects of encryption and cybersecurity. The United States risks not only credibility on the world stage, but an erosion from within of our own democratic values.  Continued legal and operational secrecy by the government may lead us to the point where we as a nation one day realize that we have eroded the foundation of our Democracy. To have this discussion we’re going to need more information in the hands of more people. Only then can we collectively reassess and draw the appropriate boundaries around surveillance. If these revelations make anything clear, it’s that we’re going to need an enhanced system of robust checks and balances to protect our democracy, sadly, from those who are protecting our security.”

Also addressing the controversy is the Center for Democracy and Technology. In a statement, CDT Senior Staff Technologist Joseph Lorenzo Hall said:

“These revelations demonstrate a fundamental attack on the way the Internet works. In an era in which businesses, as well as the average consumer, trust secure networks and technologies for sensitive transactions and private communications online, it’s incredibly destructive for the NSA to add flaws to such critical infrastructure.

“The NSA seems to be operating on the fantastically naïve assumption that any vulnerabilities it builds into core Internet technologies can only be exploited by itself and its global partners. The NSA simply should not be building vulnerabilities into the fundamental tools that we all rely upon to protect our private information.”