The Importance of Protecting Privacy and Integrity of Data and Communications

[upnorth]

Content source

https://www.prnewswire.com/news-releases/the-importance-of-protecting-the-privacy-and-integrity-of-data-and-communications-300671266.html

IEEE, the world's largest technical professional organization dedicated to advancing technology for humanity, today issued a statement that strong encryption is essential to protect individuals, businesses and governments from malicious cyber activities. As an organization committed to developing trust in technologies through transparency, technical community building, and partnerships across the globe, IEEE supports the use of strong encryption to protect the privacy and integrity of data and communications. Measures that reduce security of information or that facilitate the misuse of secure information and control systems can damage trust. Loss of trust will impede the ability of those technologies to achieve much broader societal benefits.

IEEE supports the use of unfettered strong encryption to protect confidentiality and integrity of data and communications. We oppose efforts by governments to restrict the use of strong encryption and/or to mandate exceptional access mechanisms such as “backdoors” or “key escrow schemes” in order to facilitate government access to encrypted data. Governments have legitimate law enforcement and national security interests. IEEE believes that mandating the intentional creation of backdoors or escrow schemes — no matter how well intentioned — does not serve those interests well and will lead to the creation of vulnerabilities that would result in unforeseen effects as well as some predictable negative consequences.

1. Strong encryption is essential for the protection of individuals, businesses and governments from malicious cyber activities. Encryption protects confidentiality and integrity of data and communications. Almost all of internet commerce relies on encryption to protect data.

2. Exceptional access mechanisms would create risks by allowing malicious actors to exploit weakened systems or embedded vulnerabilities for nefarious purposes. Knowing that exceptional access mechanisms exist would allow malicious actors to focus on finding and exploiting them. Centralized key escrow schemes would create the risk that an adversary would have an opportunity to compromise security of all participants, including those who were not specifically targeted. As a result, the risk of successful cyber-theft, cyber-espionage, cyberattack, and cyberterrorism could increase. The consequences of malicious cyber activities to individuals and society might take many forms — including direct financial losses; identity theft; intellectual property theft and theft of sensitive business information; damage to critical infrastructure ; damage to national security; reputational damage; opportunity costs such as lost productivity; and even possibly loss of life when computer systems that support essential functions are disabled. Additionally, by increasing the risk of malicious alterations to data, extraordinary access mechanisms could reduce trust in authenticity of data and might lead to decision-making errors and miscalculations.

IEEE Position Statement In Support of Strong Encryption