Law enforcement authorities complain encryption makes it impossible for them to decipher the communications of criminals and terrorists, so they argue tech companies offering encrypted products and services should provide a way for government to access encrypted information when they need it. Tech companies, backed by many in civil society, counter that encryption is a powerful tool for privacy and security, and weakening it would create far more problems than it would solve.
May 27, 2020
Please join ITIF for a video webinar to discuss the cybersecurity risks facing workers, students, and organizations during the pandemic and how policymakers can help them become more resilient and better prepared to face future challenges.
March 11, 2020
Law enforcement authorities complain encryption makes it impossible for them to decipher the communications of criminals and terrorists, so they argue tech companies offering encrypted products and
March 2, 2020
Cyberattacks are on the rise at all levels of government, but many small jurisdictions do not have the resources to protect themselves. Their vulnerability affects states and the federal government, who must pitch in.
December 4, 2019
While law enforcement needs tools to protect the public, requiring companies to provide access to encrypted consumer data would have the unintended consequence of putting vulnerable populations at risk without solving law enforcement’s most significant challenges in using digital evidence.
November 8, 2019
The recent WhatsApp lawsuit shows the significant risk to individuals, as well as public trust, that comes from allowing commercial systems to remain exploitable.
August 16, 2019
In an op-ed for InsideSources, Daniel Castro writes that companies responsible for data breaches should be required to offer consumers their choice of a menu of security-enhancing products and services.
April 10, 2019
Taking the bludgeon of anti-trust to tech companies will make cyber security worse, not better.
March 27, 2019
From data breaches to denial of service attacks, the private sector routinely faces a barrage of threats from those seeking to wreak havoc on their digital systems. When faced with an attack, companies can take steps to secure their own systems, but they are not authorized to retaliate against any system that they do not own. What are the domestic and international implications of authorizing private entities to engage in offensive cybersecurity operations?
December 19, 2018
The United States and likeminded countries should not repeat Australia’s mistakes and should instead embrace strong encryption—not try to cripple it.
September 1, 2018
In a column for Government Technology, Daniel Castro explains how states can improve the security of their government websites by implementing DNSSEC all state government domains.