Cybersecurity

GOP rep on responsible encryption: ‘You can call it whatever you want’

Rep. Will Hurd (R-Texas) on Thursday said he is unimpressed with the Department of Justice’s rebranding of the encryption debate as a matter of “responsible encryption.”

“You can call it whatever you want, but make sure you have strong encryption,” he said at “The Cyber Frontier,” a series of talks put on in Washington by The Atlantic magazine. 

The Department of Justice and experts on encryption have sparred on the value of “strong,” functionally unbreakable encryption used in cellphones, file protection and chat apps since the San Bernadino terrorist attack.

{mosads}Then-FBI Director James Comey posed it as an issue of terrorists being able to evade warrants — what he termed “going dark” — while the security community argued that weakening encryption for law enforcement would make it easier for hackers to steal files. 

On Tuesday, during a talk about encryption at the Naval Academy, Deputy Attorney General Rod Rosenstein gave his most thorough remarks on the subject. 

“Responsible encryption is achievable. Responsible encryption can involve effective, secure encryption that allows access only with judicial authorization. Such encryption already exists,” he said. 

Rosenstein pointed to the systems used to update software as one example of “responsible” encryption. A vulnerability in that update process led to one of the largest cybersecurity incidents in the last year, when attackers attached the NotPetya malware to an update in Ukrainian accounting software. NotPetya ultimately crippled the global shipping industry and major unrelated firms.

The Justice Department often poses the issue as a debate between security and civil liberties, where small amounts of civil liberties would be sacrificed for larger security. The security industry sees it as an issue of “security versus security,” where the effects of modifying encryption for the department would drastically weaken the national and financial security that depends on encryption.

Hurd has backed the security industry position throughout the debate. 

“It’s simple: Encryption is good for our national security and good for our economy,” he said at the summit.