88 percent of security professionals feel that forcing technology companies to give the U.S. government access to encrypted data stored on consumer devices would undermine user security and privacy. That is just one of the findings of a new survey in which Tripwire asked 198 security professionals attending the RSA Conference 2016 their thoughts about technology companies’ responsibility to provide access to customers’ encrypted data. Of those who participated, 81 percent of professionals said it is either very likely or certain that computer criminals would abuse the government’s capability to access encrypted data if technology companies were required to provide it.
“Security professionals are very suspicious of any decision that redefines what's acceptable and what's not when it comes to security and privacy,” said Dwayne Melancon, CTO and vice president of research and development for Tripwire, in response to the survey's results. “It's no surprise that the majority of the respondents at a security conference are concerned about this decision and, regardless of how it is resolved, it will have a lasting impact on security and privacy.”
Additional survey findings include the following:
- Security professionals overwhelmingly agreed that computer criminals would not be the only ones to abuse their right to access encrypted data if technology companies were required to provide it. Eighty-two percent of respondents felt that government agencies would also mishandle that privilege.
- Fifty-three percent of those surveyed said technology firms should be required to provide law enforcement with access to encrypted data on suspected criminals' consumer devices if the appropriate authorities serve them with a warrant or subpoena.
Tripwire's survey comes at a time when Apple and the FBI are divided on issues of privacy and security as they relate to the federal government’s right to require built-in smartphone encryption software that could aid law enforcement investigations. The FBI recently testified before Congress in an attempt to justify its demands that Apple provide it with technical assistance in unlocking an iPhone 5C once owned by Syed Rizwan Farook, one of the two suspected terrorist who perpetrated the mass shooting in San Bernardino County last December. At the same time, there is an increasing demand from Apple and security personnel for U.S. lawmakers to pass legislation that will clarify technology companies’ responsibility to provide access to customers’ encrypted data. For the latest updates on the Apple-FBI story, please follow our timeline here.
