Crypto Wars: Bitkom calls for a “clear ban” on government backdoors
Source: Heise.de added 14th Dec 2020The German digital economy calls for a ban on state-controlled backdoors to combat crime. Against the background of the current security policy debate, the industry association Bitkom has issued a declaration of principle clearly against a targeted weakening of encryption. “We have to do everything to make electronic communication as secure as possible, and strong encryption is the method of choice here,” said Bitkom boss Bernhard Rohleder.
At EU level, with the initiative of the German Council Presidency to decipher, the debate has reached “a previously unknown intensity and depth of intervention,” warns the association in its policy paper. Confidential communication is a basic right and encryption cannot be divided or metered: “From a technical point of view, encryption is binary – it is secure or not.”
“Backdoors are weak points” Bitkom rejects the politicians’ wish for backdoors for security authorities. The compulsory introduction of backdoors does not lead to more security. “Back doors are not permanently controllable and can be exploited by all conceivable actors – from cyber criminals to foreign intelligence services,” emphasizes Rohleder. The association refers to the expected effect that agile criminals will quickly switch to technologies to which the authorities have no access – and the general public will be left with insecure systems.
In its policy statement, Bitkom calls for a “clear ban on the government deliberately weakening IT or restricting the use of IT protection measures – regardless of whether it is back or front door”. The association also advocates an obligation to publish discovered vulnerabilities “also for government agencies”. The IT industry also demands a clear legal framework for cooperation with security authorities and the standardization of relevant interfaces.
Because Bitkom also sees the need for effective criminal prosecution in the digital space. But first the basics should be improved. “Investigative authorities must first and foremost be better equipped and develop more digital skills among staff,” says Rohleder. In addition, there is “still a lot of room for improvement” when it comes to networking the authorities internationally.
Incidents are politically instrumentalized In principle, Bitkom recognizes the need for digital intervention options as an instrument of criminal prosecution, but warns to maintain proportionality. The further development of state rights of intervention requires “a detailed weighing of interests” in order to ensure that the measures and the interests concerned remain in balance. The association laments the knee-jerk instrumentalisation of “tragic incidents”, which are “not infrequently taken out of context” and used as an opportunity “to demand more powers for the security authorities”.
Instead, Bitkom would like to a constructive and non-politicized debate about the possibilities of event-related, judicially ordered intervention possibilities in the field of telecommunications (“Lawful Interception”). This must be carried out with broad participation by society as a whole. To this end, Bitkom proposes the establishment of a “Society’s Freedom and Security Committee” to evaluate the relationship between trustworthy digital communication and the interests of criminal prosecution from an ethical and legal point of view.
In the wording: Bitkom’s declaration of principle on encryption IT security is not everything, but without IT security everything is nothing. There needs to be a clear prohibition against deliberately weakening IT by the state or restricting the use of IT protective measures – regardless of whether it is back or front door. Obligation to report and publish discovered security gaps – also for government agencies. Confidentiality of communication is an indivisible fundamental right. The decision-making power over encryption Transferring it to security authorities is neither technically possible nor enforceable. The cooperation between business and Security authorities need a clear legal framework. This applies in particular to event-related, judicially ordered state monitoring options and the standardization of potentially usable interfaces. The security authorities need more and digitally trained personnel in order to be able to exhaust the existing measures, as well as better technical resources. A simplification of the exchange of experience between industry and security authorities can simplify the development of the authorities’ competence. The security competence the user must be sustainably strengthened and a broad social discourse must be established for this. (vbr)
brands: Basic Boss Experience Space media: Heise.de
Related posts
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 88
Related Products
Notice: Undefined variable: all_related in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91
Warning: Invalid argument supplied for foreach() in /var/www/vhosts/rondea.com/httpdocs/wp-content/themes/rondea-2-0/single-article.php on line 91