Cybersecurity Experts Recommend Against Encryption Backdoors For Government Agencies

A group of the world's top cybersecurity experts recommend against giving government agencies like the FBI and the National Security Agency backdoor access to the encrypted information stored by tech giants like Google and Facebook, saying it would put sensitive data at risk of being compromised by hackers. The experts took their stance in a paper issued this week prior to an upcoming Senate Judiciary Committee hearing where U.S. officials are scheduled to speak about why government agencies need access to this kind of data to defend national security and enforce the law.

In the past year, law officials have faced off with privacy advocates and tech companies hoping to gain so-called exceptional access to their encrypted data.

"These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm," the experts said in the paper. "We find that it would pose far more grave security risks, imperil innovation, and raise thorny issues for human rights and international relations."

The cybersecurity experts argue that creating these backdoor keys would require tech companies to avoid using the best security practices, making the sensitive data they store for their users vulnerable to hackers. Additionally, creating these kinds of systems would require complex configurations, which typically create more loopholes that can be exploited by hackers. What's more, if agencies like the FBI or NSA were breached, those backdoor keys could be used by hackers to access the consumer data stored by tech companies. Those are now plausible scenarios following recent breaches into the systems of the U.S. Office of Personnel Management and the Interior Department.

Finally, giving backdoor access to agencies in the U.S. or the United Kingdom could set a bad precedent and lead countries like China and Russia to demand similar access from American companies that offer services within their borders, the security experts said.

"Such access will open doors through which criminals and malicious nation-states can attack the very individuals law enforcement seeks to defend. The costs would be substantial, the damage to innovation severe, and the consequences to economic growth difficult to predict," the paper reads.