The National Security Agency is embroiled in a battle with tech companies over access to encrypted data that would allow it to spy (more easily) on millions of Americans and international citizens. Last month, companies like Google, Microsoft, and Apple urged the Obama administration to put an end to the NSA's bulk collection of metadata. The NSA, on the other hand, continues to parade the idea that the government needs access to encrypted data on smartphones and other devices to track and prevent criminal activity. Now, NSA director Michael S. Rogers says he might have a solution.
During a recent speech at Princeton University, Rogers suggested tech companies could create a master multi-part encryption key capable of unlocking any device, The Washington Post reports. That way, if the key were broken into pieces, no single person would have the ability to use it.
"I don't want a back door."
"I don’t want a back door," Rogers said. "I want a front door. And I want the front door to have multiple locks. Big locks."
The suggestion comes as Congress considers a new framework for handling encrypted data. Government and law enforcement officials say total encryption could stand in the way of national security operations, while leaders in the tech industry and advocacy groups say the government shouldn't have complete, unobstructed access to citizens' private communications.
During this year's South by Southwest festival, Edward Snowden held a secret meeting in which he said tech companies needed to take a stronger position against NSA surveillance. He said companies should adopt more secure technology that could block surveillance altogether, and championed end-to-end encryption, which would mean no one except the sender and recipient would have access to private communications.
A master encryption key still creates vulnerabilities
Rogers suggests the adoption of "front door" access will allow for essential security measures while keeping data safe from hackers or an outside attack. But opponents of the idea note that even broken into pieces, a master digital key creates security flaws. "There’s no way to do this where you don’t have unintentional vulnerabilities," Donna Dodson, chief cybersecurity adviser at the Commerce Department’s National Institute of Standards and Technologies, told the Post.