Harvard Researcher: Backdoor Access to US Data Would do Little to Affect Encryption Globally

Harvard researcher says forcing companies to create backdoors to encrypted software would yield few positive results while making the companies less competitive

Chris Burt

February 12, 2016

2 Min Read
Harvard Researcher: Backdoor Access to US Data Would do Little to Affect Encryption Globally
The NSA data center with the Salt Lake Valley in the background in Bluffdale, Utah, in 2013. The data center has reportedly been plagued by power surges that destroyed hundreds of thousands of dollars worth of equipment and delayed the opening of the center for a year. (Photo by George Frey/Getty Images)

WHIR logo



Proposals from lawmakers to force US companies to provide government agencies with backdoors to encrypted data would put them at a competitive disadvantage, without reducing the global availability of encryption, according to a report released Thursday by Harvard University researcher Bruce Schneier. While emphasizing that the results are not a complete catalogue, but rather more of a survey, Schneier and his team conducted A Worldwide Survey of Encryption Products and found 865 devices or programs incorporating encryption originating from 56 countries, with about one-third of the products coming from the US.

Schneier, who is a fellow at the Berkman Center for Internet & Society, along with fellow researchers Kathleen Seidel and Saranya Vijayakumar, replicated a study conducted in 1999 by researchers at George Washington University. The original study attempted to catalogue non-US encryption products, and found over 800 hardware and software products from 35 countries.

Read more: Juniper Finds Backdoor in its Data Center Security Software

US and Judiciary Committee Chairman Richard Burr (R-N.C.), with an assist from Senator Dianne Feinstein (D-Calif.), has been drafting legislation to provide backdoors to encryption with warrants. Burr also sponsored the controversial Cybersecurity Information Sharing Act, which passed through the Senate in October.

“The potential of an NSA-installed backdoor in US encryption products is rarely mentioned in the marketing material for the foreign-made encryption products,” the researchers say in the report. “This is, of course, likely to change if US policy changes.”

Read more: NSA's Hardware Tampering May Alter Global Product Flow

The researchers note that with no difference in advertised strength based on geography, “jurisdictionally agile” companies and products will simply leave a home-country that applies a competitive disadvantage. The Daily Dot notes that US encrypted communications company Silent Circle became a Swiss company in 2014 to avoid government snooping, or its marketing ramifications.

While some other countries are considering limitations on encryption, like France, Dutch parliament has taken the opposite approach, and the new research clearly indicates that it would not take very many countries avoiding backdoors to undermine the industry in the US, as well as efforts by law enforcement to potentially monitor all digital communication between people and entities.

Encryption advocates from Google to Let’s Encrypt, meanwhile, continue to encourage businesses and consumers alike to use encryption more consistently. The US House of Representatives voted to reign in unwarranted surveillance backdoors in June 2014.

This first ran at http://www.thewhir.com/web-hosting-news/backdoor-access-to-us-data-would-do-nothing-to-stop-availability-of-encryption-report

Subscribe to the Data Center Knowledge Newsletter
Get analysis and expert insight on the latest in data center business and technology delivered to your inbox daily.

You May Also Like