Sergey Nivens - Fotolia

Risk & Repeat: Responsible encryption ramps up

Listen to this podcast

In this week's Risk & Repeat podcast, SearchSecurity editors discuss the recent push from law enforcement officials for responsible encryption and what that may mean.

Government rebukes of end-to-end encryption have surfaced again, and this time, law enforcement agencies are pushing for what they call responsible encryption.

In recent weeks, both Deputy Attorney General Rod Rosenstein and FBI Director Chris Wray have advocated for responsible encryption during various speeches and public appearances, arguing that technology companies must find a way to provide the government with unencrypted data and communications when presented with a warrant. The rhetoric is similar to the going dark arguments of former FBI Director James Comey, who argued that encrypted communications jeopardize law enforcement investigations into various threats, including terrorism.

While neither Wray nor Rosenstein has offered technical details on how this approach would work, it would likely eliminate end-to-end encryption, which enables users to encrypt their data on endpoints and prevents even the device manufacturers and service providers from accessing the data.

Some companies have seemingly taken the government's side of the argument; BlackBerry CEO John Chen recently said the company will try to break its own encryption technology if asked by law enforcement agencies. However, other companies, like Microsoft, which introduced Azure Confidential Computing, have continued moving forward with strong encryption.

What effect will the responsible encryption push have on the technology industry? How is it different from the going dark rhetoric of previous years? How will vendors and service providers react to renewed government pressure? SearchSecurity editors Rob Wright and Peter Loshin discuss those questions and more in this episode of the Risk & Repeat podcast.

Next Steps

Risk & Repeat: Is vulnerability marketing problematic?

Risk & Repeat: DEFCON warns of voting machine security issues

Risk & Repeat: The Kaspersky controversy continues

Enterprise Desktop
Cloud Computing