Tag: Cryptography

Europe is exploring ways to bypass MLATs. Any system for cross-border access to data must increase protections for fundamental rights.

Today, Access kicked off our inaugural Crypto Summit, a multistakeholder conference devoted to emerging questions about cryptography and the future of the internet. These are edited remarks from Access’ Technology Director Jamie Tomasello and U.S. Policy Manager Amie Stepanovich from the event in Washington, DC.

The U.S. National Institute of Standards and Technology (NIST) has released the second draft of its “Cryptographic Standards and Development Process,” a document intended to provide principles and guidance on the creation of cryptographic standards. Crypto standards developed by NIST serve as the basis for secure communications and interactions across the internet.

Access applauds NIST for the new draft — which expands upon and strengthens the language behind important principles first set out in the previous draft — and for actively and transparently engaging with the public on these important issues. We also encourage NIST to include specific language directed at the National Security Agency (NSA) before the text is finalized.

As the International Principles on the Application of Human Rights to Communications Surveillance make clear, the preservation of the integrity of communications and systems is a key obligation under international law. Just as it would be unreasonable for governments to insist that all residents of houses should leave their doors unlocked just in case the police need to search a particular property, or to require all persons to install surveillance cameras in their houses on the basis that it might be useful to future prosecutions, it is equally disproportionate for governments to interfere with the integrity of everyone’s communications in order to facilitate its investigations or to require the identification of users as a precondition for service provision or the retention of all customer data.

In response to stories in the New York Times, ProPublica, and the Guardian that the National Security Agency (“NSA”) was undermining encryption standards, The Visiting Committee on Advanced Technology (VCAT) released a report that called for increased transparency and internal expertise at the National Institute for Standards and Technologies (“NIST”). The VCAT reviews and makes recommendations regarding general policy for the National Institute of Standards and Technology. The VCAT formed a Committee of Visitors (“COV”) in mid-April to review the relationship between NIST and the NSA.

On May 21, 2014, by voice vote the House Science and Technology Committee adopted an amendment to the FIRST Act removing the requirement that NSA be consulted on encryption standards. The Amendment was authored by Congressman Alan Grayson.

Following revelations that the National Security Agency (NSA) deliberately weakened cryptographic standards put out by the U.S. National Institute of Standards and Technology (NIST), NIST recently proposed a series of principles to guide cryptography standards-setting going forward. Access, together with a coalition of eleven other digital rights, technology, privacy, and open government groups, submitted a letter today calling on NIST to strengthen cryptography principles, noting in particular that the principles must be “modified and amended to provide greater transparency and access.”