William Barr has only been serving as Donald Trump’s lackey in the Department of Justice for a few months, but it seems he is already on track to contend for the title of worst Attorney General in the history of the United States of America.
In addition to maliciously publishing a dishonest interpretation of Robert Mueller’s final report regarding the Russian Federation’s interference in the 2016 presidential election (while withholding the actual report), Barr has been actively engaged in undermining the security and well-being of the United States in a myriad of ways.
For example, today in New York, Barr gave a speech in which he said companies should be required to build backdoors into their products so that the CIA, NSA, FBI, and police can snoop on everyone’s communications on a 24/7/365 basis.
“The Department has made clear what we are seeking,” Barr said.
“We believe that when technology providers deploy encryption in their products, services, and platforms they need to maintain an appropriate mechanism for lawful access. This means a way for government entities, when they have appropriate legal authority, to access data securely, promptly, and in an intelligible format, whether it is stored on a device or in transmission.”
“We are not talking about protecting the Nation’s nuclear launch codes,” Barr condescendingly added. “Nor are we necessarily talking about the customized encryption used by large business enterprises to protect their operations.”
“We are talking about consumer products and services such as messaging, smart phones, e‑mail, and voice and data applications.”
Translation: Real encryption should only be available to the government itself and the large firms the government relies on (like Booz Allen Hamilton) for its operations. It shouldn’t be available to households or small businesses.
Barr’s prepared remarks do not use the word “backdoor”. But that is exactly what Barr wants: legally mandated backdoors that are baked into all “consumer” tech.
Barr’s contention that backdoors can be secured is wrong. Completely, totally wrong. What Barr is demanding is not possible. There is no way to secure a backdoor and restrict its use to only “authorized” entities.
If a backdoor exists, then it can be exploited by bad actors, which defeats the entire purpose of encryption. Weak encryption is an oxymoron. Strong encryption — with no backdoors — is the only real encryption that there is.
All of us — everyone, everywhere — needs to be able to protect our data with strong encryption. It’s the only way we can secure our cyber persons in this technology-centric era of cloud computing, wearable devices, and AI.
America’s adversaries (including terrorist groups) don’t give a fig what U.S. law says. They’ll avail themselves of the ability to encrypt their communications regardless of whether people like Barr get the power they are seeking.
The notion that this country might make it illegal for Americans to properly safeguard their own data is just absurd.
It is understandable that people in Barr’s position don’t like the idea of not being able to eavesdrop on whoever they want to through the use of signals intelligence. America’s armed services and intelligence agencies have become addicted to signals intelligence and are loathe to lose the spying capabilities they’ve developed.
Before encryption started becoming the norm for messaging and for device security, mass surveillance was easy and simple. Now it’s getting harder.
That is a good thing. The right to privacy matters. The right to be free and secure in one’s home matters. The right to be anonymous matters.
Judging by William Barr’s past words and deeds, he does not believe Americans have a right to privacy or even should have a right to privacy. The Fourth Amendment clearly doesn’t mean anything to him.
As Oregon Senator Ron Wyden noted today in remarks on the Senate floor: “It is now public record that William Barr, when he was attorney general in the 1990s, approved a massive, illegal surveillance program. The Inspector General of the Department of Justice revealed this March that William Barr gave the OK to a bulk phone records dragnet at the DEA that ran for more than twenty years.”
“The Inspector General found that Barr never even looked to see whether the DEA bulk surveillance program was legal,” Wyden continued.
“The IG found this ‘troubling’ because of the disconnect between what the law says and how it was secretly being interpreted and used. The DEA program that William Barr approved relied on subpoena authority that requires that the records being collected are ‘relevant or material’ to an investigation”
“But Barr didn’t bother to consider whether all those phone records collected in bulk were consistent with the law. He just went ahead and approved it.”
“The argument that the government needs to weaken encryption has always been based on the promise that the government will never use this backdoor without a court-ordered warrant,” Wyden added. “But Barr, in his own words and actions, has demonstrated repeatedly that, when it comes to surveillance, the laws don’t matter, the courts don’t matter and even the Constitution doesn’t matter. The only thing that matters is whatever he and the president feel like doing.”
I’ve spent close to a decade helping clients become safer online by encrypting their data and their users’ data. I have been heartened to see strong encryption become the default in more and more situations… from Apple and Google making whole device encryption the default for iOS and Android to Let’s Encrypt and web hosts like SiteGround making secure certificates free and easy to obtain.
William Barr wants to undermine all of the progress we have made in safeguarding everyone’s data by mandating backdoors in everything so that people like him can sign off on massive warrantless surveillance programs that vacuum up people’s data and store it (most likely insecurely) without their knowledge or consent.
Security professionals know that what Barr is demanding is unconscionable and disastrous. We need to make sure that everyone else understands that, too.
Like Matt Blaze said: “For the record, data security is critical for our economy and national security. And it’s mostly hanging by a thread, which is why data breaches happen with devastating regularity. Encryption is one of the few security techniques that mostly works. We can’t afford to mess it up.”
He’s right. Congress, the courts, state governments, and the American people must stand up and say NO to William Barr and spymasters who want unlimited snooping powers. Encryption should not even be up for debate.
Individuals and businesses need encryption to stay safe online, period. It’s not negotiable. It’s a necessity. A basic necessity. In fact, it ought to be recognized as part of the right to privacy in our founding documents, just like freedom of speech and freedom of the press and freedom of religion are.