Data encryption a threat to fighting child sexual abuse, says DOJ

The U.S. Department of Justice has released an international statement claiming that end-to-end encryption “poses significant challenges to public safety,” including sexually exploited children. 

In an Oct. 11 statement from the DoJ, the agency called on technology companies to work with the government to find a solution for strong data encryption with the means to allow the investigation of illegal activity and content. The department stated end-to-end encryption that hindered law enforcement from accessing certain content creates “severe risks to public safety.”

The statement was signed by the DoJ, the Home Department of the United Kingdom, the Australian Minister for Home Affairs, India, Japan, a New Zealand Member of Parliament and the Minister of Public Safety and Emergency Preparedness of Canada.

In particular, the DoJ stated such encryption — in which only the senders and receivers can access the data being sent — undermined law enforcement from “investigating serious crimes” and “protecting national security.” In addition, a tech company’s ability to identify and respond to child sexual exploitation and abuse, violent crime, and terrorist propaganda may be compromised, claimed the department.

Citing a 2019 report from the National Center for Missing and Exploited Children (NCMEC), the government agency implied end-to-end encryption needed to be implemented with a solution to safeguard children, or it would undermine the current system of reporting such exploitation.

“In 2018, Facebook Messenger was responsible for nearly 12 million of the 18.4 million worldwide reports of CSAM [child sexual abuse material to the NCMEC],” the DoJ said, citing a 2019 statement from the WePROTECT Global Alliance. “These reports risk disappearing if end-to-end encryption is implemented by default, since current tools used to detect CSAM do not work in end-to-end encrypted environments.”

Elected officials in the United States have already acted to seek a legislative solution to investigating the illicit activities to which the DoJ referred.

In June, three Republican senators put forth a bill that would outlaw end-to-end encryption for technology companies, requiring device manufacturers and service providers to assist law enforcement by providing access to encrypted data. The bill, named The Lawful Access to Encrypted Data Act, is currently under review in the Committee on the Judiciary. There is also the EARN IT Act, a proposed bill that would require digital messages to first pass through government-approved scanning software in order to monitor for malicious criminal activity.

Proponents of both bills have claimed their purpose would include protecting children from sexual abuse. However, many privacy advocates have heavily criticized the bills’ sponsors for what they perceive as the government encroaching on personal freedoms.

Though its statement focused on end-to-end encryption, the DoJ stated it would extend its efforts to “device encryption, custom encrypted applications and encryption across integrated platforms.” The government agency claimed it would hold a “respect for privacy” at the forefront of any legal framework.

“We challenge the assertion that public safety cannot be protected without compromising privacy or cyber security,” the DoJ stated.

Data encryption a threat to fighting child sexual abuse, says DOJ

Source

Related Articles

New Advanced Android Malware Posing as “System Update”

Another week, and another major mobile security risk. A few weeks ago, Zimperium zLabs researchers disclosed unsecured cloud configurations exposing information in thousands of legitimate iOS and Android apps (you can read more about it in our blog). This week, zLabs is warning Android users about a sophisticated new malicious app. The new malware disguises … Read More

The post New Advanced Android Malware Posing as “System Update” appeared first on Zimperium Mobile Security Blog.

2021: Looking Ahead

A lot of ink has been spilled about 2020 — about its rolling disasters and general upheaval. But here, in this post, we don’t want to dwell on the negative. We want to talk about the positives that happened in 2020, and share our excitement… read more

c0ntextomy – Let’s Debug Together: CVE-2020-9992

Apple recently released the long awaited iOS/iPadOS 14.0 update alongside an updated Xcode 12.0. As part of this update, Apple fixed a vulnerability in the Development Tools, that was reported earlier this year as a joint effort by our Zimperium zLabs researcher and VP of Product Security Nikias Bassen, and an independent security researcher, Dany … Read More

The post c0ntextomy – Let’s Debug Together: CVE-2020-9992 appeared first on Zimperium Mobile Security Blog.