US says it doesn’t need secret court’s approval to ask for encryption backdoors

A Washington DC court house building where the secretive Foreign Intelligence Surveillance Court sits. (Image: file photo) The US government has “not to date” sought an order from its secret surveillance court to compel a company to backdoor or weaken its encryption.
The government made its remarks in July in response to questions posed by Sen. Ron Wyden (D-OR), but they were only made public this weekend.
In its answers, the government said it has not asked the Foreign Intelligence Surveillance Court (FISC) to issue an order “seeking to compel an electronic communication service provider to alter the encryption afforded by a service or product it offers.”
But the government added that it doesn’t need the court’s approval to ask a company to build an encryption backdoor.
The government would not say, however, if it’s ever asked a company to add an encryption backdoor.
A spokesperson for the Director of National Intelligence declined to comment.
The government relies on section 702 of the Foreign Intelligence Surveillance Act to carry out the bulk of its intelligence gathering and surveillance operations. Section 702 has long seen the powers as the “crown jewels” of the intelligence community’s legal authority. One application of the powers allows the government to ask a tech company to deliberately bypass the encryption on one of its products. Last year, the FBI sought a court order — albeit under a different legal statute — to force Apple to alter the software on a dead terrorist’s iPhone to decrypt its data.
Critics have long argued that the government has wide latitude to conduct surveillance under broad approvals from the FISC.
Marcy Wheeler, a national security blogger, explained in a blog post last month that the FISC can approve an annual certification affirming that the government requires assistance from a US tech company, but it doesn’t require a description of what specific assistance is needed. That gives the government a wide range of powers to issue directives without any further approval or review from the FISC to collect intelligence.
A declassified but highly redacted FISC opinion from 2006 states that a directive must be signed off by both the attorney general and the director of national intelligence.
The admission comes just a few weeks before the controversial section 702 powers are set to expire. Congress has until December 31 to pass a new surveillance law, or the intelligence community risks losing its powers at the end of the annual certification cycle.
安卓广告成黑色产业链的根本原因不是消费者舍不得花那几块钱支持正版,而是因为免费能获得的让消费者心理上觉得赚了,实际上从广义上来说这样做牺牲了安全和隐私。
Several reform and reauthorization bills are under consideration by lawmakers.
Wyden, who sits on the Senate Intelligence Committee, last month opposed the committee’s own proposed bill, arguing that it “leaves in place current statutory authority to compel companies to provide assistance, potentially opening the door to government mandated de-encryption without [FISC] oversight.”
Wyden’s own bipartisan bill, supported by committee colleague Rand Paul (R-KY), would require the government to obtain approval from the FISC for each request for assistance.
Contact me securely
Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.
Read More
ZDNET INVESTIGATIONS
NSA’s Ragtime program targets Americans, leaked files show
Leaked TSA documents reveal New York airport’s wave of security lapses
US government pushed tech firms to hand over source code

At the US border: Discriminated, detained, searched, interrogated
Millions of Verizon customer records exposed in security lapse
Meet the shadowy tech brokers that deliver your data to the NSA
Inside the global terror watchlist that secretly shadows millions
FCC chairman voted to sell your browsing history — so we asked to see his
198 million Americans hit by ‘largest ever’ voter records leak
Britain has passed the ‘most extreme surveillance law ever passed in a democracy’
Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it
Leaked document reveals UK plans for wider internet surveillance
Related Topics:
我市提前谋划清明节交通管理工作
Security TV
Data Management
政治分歧容易引来军事战争和网络战争,公司里的信息安全管理人员在进行风险分析时,记得考虑政治事件可能给组织带来的安全威胁。

猜您喜欢

辽宁煤矿安全监察局煤矿事故风险分析平台项目信息化监理服务采购
新年新风尚新方式培训新员工新安全观
网络安全法普法宣传 004《网络安全法》的突出亮点
性感女星桥本爱实自曝择偶标准:年入百万才嫁
SELFPUBBOOKCOVERS FARTINJ
防范“无意识泄密”需强化保密意识教育