THINKPolicy #3: Preserving the Integrity of Encryption

Share this post:

When people see a small padlock icon in their web browser, it gives them a measure of confidence. A sense that their online interactions are secure from prying eyes. At a time when personal information is being stolen from millions of people and sold in black markets across the Internet, that padlock and the security it represents are more important than ever.

Encryption is essential to modern international business. It is used to enable secure communications and transactions with customers, to protect personal and proprietary information, and to prevent the theft of technological innovations born from substantial investments in research and development.

The worldwide explosion of data has prompted governments to vigorously debate the implications of encryption in a range of areas— from trade to national security. Law enforcement agencies in particular have turned their attention to commercial encryption as a potential obstacle to tracking down terrorists and other criminal actors who may use encrypted devices and services to conceal their communications.

This “Going Dark” problem, as the FBI calls it, is a real challenge for law enforcement. IBM fully supports the need for governments to protect their citizens from evolving threats. In one such area, the fight against cyber crime, we have made considerable investments to better protect our clients’ operations as well as our own.

Weakening encryption technology, however, is not the answer to fighting a new generation of digitally-enabled criminal. Encryption is simply too prevalent and necessary in modern society. A government mandated encryption weakness in certain products would only prompt the bad guys to find other means to protect their communications, and leave the good guys more vulnerable to cyber crime, privacy threats or worse.

For these reasons, IBM firmly opposes any government effort to undermine the integrity of commercial encryption and cryptography products. In a 2014 Open Letter to clients, IBM stated clearly that it does not put back doors in any of its products, and that governments should not mandate means to subvert encryption. Our clients, including some of the world’s largest and most respected businesses, trust IBM as a responsible steward of their most sensitive information. Our business, like others in the U.S. technology industry, depends on that trust.

dl-boxcloud-com2

That said, it is possible to be both a fierce defender of encryption and a responsible citizen. “Going Dark” is a legitimate 21st century challenge, and we should not turn a blind eye to it.  We are open to contributing IBM’s considerable technical expertise to a transparent, inclusive discussion on how the privacy and security of data can be maintained while preserving law enforcement’s ability to conduct lawful investigations of criminal activity.  This is no easy task, with no immediately obvious answers. But at IBM, we are technology optimists. We believe problems like these can be solved through innovation and collaboration.

The Obama Administration recently declared that it will not seek legislation requiring technology companies to compromise their encryption systems. This is welcome news, and we commend the Administration for recognizing that data security is fundamental to data privacy. Now, let’s Outthink the limits of what seems daunting today, and work together on solutions that will help keep us all secure tomorrow.

###

Media Contact:

Adam R. Pratt

arpratt@us.ibm.com

Ph: (202) 551-9625

More stories

Bias in AI: How we Build Fair AI Systems and Less-Biased Humans

Artificial intelligence (AI) offers enormous potential to transform our businesses, solve some of our toughest problems and inspire the world to a better future. But our AI systems are only as good as the data we put into them.

Continue reading

A New Public-Private Partnership to Advance Cybersecurity in France

IBM today opened its new Security Operations Center (SOC) in Lille, France. The SOC offers security incident and response services to organisations that are at the heart of the French society and economy. Operating 24 hours a day, seven days a week, the security center team will monitor the latest security events, assess their potential impact […]

Continue reading

Four decades. Nine jobs. One company. Meet Albert, IBM’s first-ever new collar employee.

Nearly 40 years before the first class of P-TECH students graduated high school with an associate’s degree and a pathway to a new collar career in tech (and before the term “new collar” was even coined), Albert Schneider was on his way to becoming the first new collar IBMer. Albert began working full time after […]

Continue reading