Cybercriminals Would ‘Very Likely’ Access Encrypted Data if Government Required Aid to Law Enforcement Investigations
81 Percent of Security Professionals in Survey Say Evildoers Would Abuse Capability
Tripwire, Inc., a global provider of endpoint protection and response, security and compliance solutions, announced the results of a survey of 198 security professionals on the issue of whether technology companies should be legally required to provide government agencies access to encrypted data as part of investigations.
Of those surveyed, 81 percent of respondents said it is either very likely or certain that cybercriminals would abuse the government’s capability to access encrypted data if technology companies are required to provide it. The survey was taken among those attending the recent RSA Conference 2016 in San Francisco.
The survey results come as Apple and the FBI have been engaged in a legal battle over the federal government’s right to require built-in smartphone encryption software that could aid law enforcement investigations. This debate has moved to Capitol Hill as pressure grows for Congress to pass updated laws clarifying technology companies’ responsibility to provide access to customers’ encrypted data.
“Security professionals are very suspicious of any decision that redefines what’s acceptable and what’s not when it comes to security and privacy,” said Dwayne Melancon, CTO and vice president of research and development for Tripwire. “It’s no surprise that the majority of the respondents at a security conference are concerned about this decision and, regardless of how it is resolved, it will have a lasting impact on security and privacy.”
Among other survey findings, 82 percent of respondents said government agencies would abuse their right to access encrypted data if technology companies were required to provide it. Over half said technology firms should be required to provide access to encrypted data on consumer devices if law enforcement serves them with a warrant or subpoena. When asked about the impact this change would have on consumer and enterprise privacy and security, 88 percent said it will reduce security and privacy.