Cybersecurity

A Backdoor Attempt to Require Backdoors to Encryption
Law enforcement authorities complain encryption makes it impossible for them to decipher the communications of criminals and terrorists, so they argue tech companies offering encrypted products and services should provide a way for government to access encrypted information when they need it. Tech companies, backed by many in civil society, counter that encryption is a powerful tool for privacy and security, and weakening it would create far more problems than it would solve.
Read More >>

For a menu of actionable ideas for policymakers related to cybersecurity, see ITIF’s “Tech Policy To-Do List.”

Cybersecurity
Check a box to narrow search for individual content items that cover numerous issues.
May 27, 2020
Cybersecurity in a Time of Physical Distancing
Please join ITIF for a video webinar to discuss the cybersecurity risks facing workers, students, and organizations during the pandemic and how policymakers can help them become more resilient and better prepared to face future challenges.
March 11, 2020
A Backdoor Attempt to Require Backdoors to Encryption
Law enforcement authorities complain encryption makes it impossible for them to decipher the communications of criminals and terrorists, so they argue tech companies offering encrypted products and
March 2, 2020
States and Feds Must Help Local Cybersecurity Efforts
Cyberattacks are on the rise at all levels of government, but many small jurisdictions do not have the resources to protect themselves. Their vulnerability affects states and the federal government, who must pitch in.
December 4, 2019
Weakening Encryption Would Put Vulnerable Populations at Risk
While law enforcement needs tools to protect the public, requiring companies to provide access to encrypted consumer data would have the unintended consequence of putting vulnerable populations at risk without solving law enforcement’s most significant challenges in using digital evidence.
November 8, 2019
Rethinking Government Use of Commercial Exploit Tools After WhatsApp Spying
The recent WhatsApp lawsuit shows the significant risk to individuals, as well as public trust, that comes from allowing commercial systems to remain exploitable.
August 16, 2019
Americans Need Alternatives to ‘Free Credit Monitoring’ After Data Breach
In an op-ed for InsideSources, Daniel Castro writes that companies responsible for data breaches should be required to offer consumers their choice of a menu of security-enhancing products and services.
April 10, 2019
Breaking Up Big Tech Would Not Make Consumer Data More Secure
Taking the bludgeon of anti-trust to tech companies will make cyber security worse, not better.
March 27, 2019
Allowing Companies to Hack Back: Good Security or Vigilante Justice?
From data breaches to denial of service attacks, the private sector routinely faces a barrage of threats from those seeking to wreak havoc on their digital systems. When faced with an attack, companies can take steps to secure their own systems, but they are not authorized to retaliate against any system that they do not own. What are the domestic and international implications of authorizing private entities to engage in offensive cybersecurity operations?
December 19, 2018
Australia’s Embarrassing Crackdown on Its Own Information Security
The United States and likeminded countries should not repeat Australia’s mistakes and should instead embrace strong encryption—not try to cripple it.
September 1, 2018
Boosting State Website Security
In a column for Government Technology, Daniel Castro explains how states can improve the security of their government websites by implementing DNSSEC all state government domains.

Pages