US says it doesn’t need secret court’s approval to ask for encryption backdoors

A Washington DC court house building where the secretive Foreign Intelligence Surveillance Court sits. (Image: file photo) The US government does not need the approval of its secret surveillance court to ask a tech company to build an encryption backdoor.
恶性的商业竞争新闻频频见诸媒体,我们应该反省加强员工的职业道德培训,让员工明白:只有通过提升服务质量来获得顾客满意度,才能争取和留住客户,才能增加商业竞争力。
The government made its remarks in July in response to questions posed by Sen. Ron Wyden (D-OR), but they were only made public this weekend.
The implication is that the government can use its legal authority to secretly ask a company for technical assistance, such as building an encryption backdoor into a product, but can petition the Foreign Intelligence Surveillance Court (FISC) to compel a US-based company if it refuses.
In its answers, the government said it has “not to date” needed to ask the FISC to issue an order to compel a company to backdoor or weaken its encryption.
The government would not say, however, if it’s ever asked a company to add an encryption backdoor.
A spokesperson for the Director of National Intelligence declined to comment.
天威视讯:拟联合并购新三板公司璧合科技
The government relies on section 702 of the Foreign Intelligence Surveillance Act to carry out the bulk of its intelligence gathering and surveillance operations. Section 702 has long seen the powers as the “crown jewels” of the intelligence community’s legal authority. One application of the powers allows the government to ask a tech company to deliberately bypass the encryption on one of its products. Last year, the FBI sought a court order — albeit under a different legal statute — to force Apple to alter the software on a dead terrorist’s iPhone to decrypt its data.
Critics have long argued that the government has wide latitude to conduct surveillance under broad approvals from the FISC.
Marcy Wheeler, a national security blogger, explained in a blog post last month that the FISC can approve an annual certification affirming that the government requires assistance from a US tech company, but it doesn’t require a description of what specific assistance is needed. That gives the government a wide range of powers to issue directives without any further approval or review from the FISC to collect intelligence.
A declassified but highly redacted FISC opinion from 2006 states that a directive must be signed off by both the attorney general and the director of national intelligence.
The admission comes just a few weeks before the controversial section 702 powers are set to expire. Congress has until December 31 to pass a new surveillance law, or the intelligence community risks losing its powers at the end of the annual certification cycle.
Several reform and reauthorization bills are under consideration by lawmakers.
Wyden, who sits on the Senate Intelligence Committee, last month opposed the committee’s own proposed bill, arguing that it “leaves in place current statutory authority to compel companies to provide assistance, potentially opening the door to government mandated de-encryption without [FISC] oversight.”
Wyden’s own bipartisan bill, supported by committee colleague Rand Paul (R-KY), would require the government to obtain approval from the FISC for each request for assistance.
Contact me securely
Zack Whittaker can be reached securely on Signal and WhatsApp at 646-755–8849, and his PGP fingerprint for email is: 4D0E 92F2 E36A EC51 DAAE 5D97 CB8C 15FA EB6C EEA5.
Read More
ZDNET INVESTIGATIONS
NSA’s Ragtime program targets Americans, leaked files show
Leaked TSA documents reveal New York airport’s wave of security lapses
US government pushed tech firms to hand over source code

At the US border: Discriminated, detained, searched, interrogated
Millions of Verizon customer records exposed in security lapse
Meet the shadowy tech brokers that deliver your data to the NSA
Inside the global terror watchlist that secretly shadows millions
FCC chairman voted to sell your browsing history — so we asked to see his
198 million Americans hit by ‘largest ever’ voter records leak
Britain has passed the ‘most extreme surveillance law ever passed in a democracy’
Microsoft says ‘no known ransomware’ runs on Windows 10 S — so we tried to hack it
Leaked document reveals UK plans for wider internet surveillance
Related Topics:
Security TV
Data Management
天下没有免费的午餐,一个新的弹出窗口可能会免费向您提供计算机的安全扫描,以发现病毒感染情况和未处理的漏洞。不要吃掉这诱饵!如果您允许这种类型的扫描,您可能会让不怀好意的家伙们访问您的个人信息。

猜您喜欢

网络安全宣传周公益教育动画APT高级持续威胁
网络安全宣教动漫——揭密社工黑客
网络安全法在线讲解-《网络安全法》的突出亮点 https://v.qq.com/x/page/u0514qmyllg.html
迅雷内讧落幕:双方和解 於菲将继续居中协调
D4CM THEGRAPE
安全意识博客