The US Claims It Doesn't Need A Court Order To Ask Tech Companies To Build Encryption Backdoors

US federal authorities say they can request a US tech company build surveillance backdoors into their products without any kind of court order, according to statements from July released this weekend, ZDNet reported.

Director of National Intelligence Dan Coats. Photo: AP

According to the documents, intelligence officials told members of the US Senate Intelligence Committee that there's no need for them to approach courts before requesting a tech company help wilfully - though they can always resort to obtaining a Foreign Intelligence Surveillance Court order if the company refuses. The documents show officials testified they had never needed to obtain such an FISC order, though they declined to tell the committee whether they had "ever asked a company to add an encryption backdoor," per ZDNet. Other reporting has suggested the FISC has the power to authorise US government personnel to compel such technical assistance without even notifying the FISC of what exactly is required.

Section 702 of the Foreign Intelligence Surveillance Act gives authorities additional powers to compel service providers to build backdoors into their products. Though Section 702 is set to expire at the end of the year, it remains vehemently supported by intelligence agencies, and the current Republican-controlled Congress is generally not the type of crowd to oppose them.

Even requiring a court order isn't even really a great solution on its own, as the FISC has generally granted the government broad surveillance powers in court rulings. In 2013, NPR reported the FISC was essentially a "rubber stamp", as almost all of its proceedings are secret and it almost never rejects government surveillance requests.

The most high-profile fight over encryption to date has involved Apple and the FBI - the latter of which has insisted it needs the power to compel tech companies to help them bypass security on devices such as terrorists' iPhones, despite the fact the backdoors could be exploited by anyone with knowledge of them. However, as ZDNet noted, during the FBI's failed court battle against Apple, it cited a different authority than Section 702.




    So basically this is only going to affect Apple as they are the only US company making phones.

      Microsoft make computers. Google make phones (or at least the OS which is what matters). Just about every cloud provider is also US based. I'm sure they could force MS to hand over data from their Aus data centres too. It's all secret, you go to jail if you tell anyone and there is no recourse.

        Why stop at the actual end-device level?
        Cisco for instance is a US company, and makes networking gear for multiple levels of the internet routing structure (ISPs, enterprise, small business, home). Why back end the computer when you could just silently copy everything going to or from it (without the computer knowing)?

          They have and do for specific targets. (Public knowledge)

          However if they (US businesses) were caught out with such back-doors (and this goes for all US tech companies) on by default. Their brand reputations would be destroyed. You can no longer trust the security of the security vendors. I honestly cant wait for them to start mandate back-doors. It would destroy the US tech industry.

          Less Government, not more.

          That's why you have encryption on your devices. It's just backdoors all the way down...

        Good point. We're all screwed and if that's the case then maybe Samsung's tisem (or whatever it's other os is called might take off). Stupid paranoid America

      Is this just about phones, though? I just see references to building backdoors in encryption? So that would also include Cisco - who are the makers of enormous parts of the backbone of the internet - among many other things (their current price list has almost 1.3 million SKUs!). If these companies (Apple, Microsoft, Cisco, Juniper, Brocade/Extreme, etc.) capitulated pretty much anything that you do on the internet, from anywhere on the planet, could be open for these organisations to observe. That may be a big 'if', but it's no longer outside the realm of possibility.

        Shit, never thought about that. That's not good at all.

    So how can a super rich company like Apple make its customers feel good about a backdoor in all its phones. Will they use the ever popular "If you're doing nothing wrong then you have nothing to fear."?

    No seriously, that country sinks further into the abyss everytime I read or hear a new story about it. What they need is to break up into individual states and fight it out!

    Oh and before those who visit here without any sense of humour crap their pants, clearly the comment is tongue in cheek.

    No, but seriously..

    Last edited 06/12/17 11:36 am

    I'd guess that the reason the US doesn't trust Kaspersky is because if Kaspersky was a US company, the US government would be screwing Kaspersky to the wall in order to gain access to whatever data may be stored on the computers of people-of-interest in Russia, Iran, China, Israel.

    If we would do it, we must assume they ARE doing it.

Join the discussion!

Trending Stories Right Now