Private communication should not be intercepted without a court determining “probable cause” of a crime.
THE federal government’s court case seeking to compel Apple to write a program to break the encryption on its iPhone is the latest salvo in a battle that usually pits the security needs of government seeking to thwart crime against the privacy interests of individual citizens.
The relationship between privacy and security, however, is not so simple and we need to rethink the axiom of whether privacy always comes at the cost of reduced security, and vice versa.
In state government, we believe that stronger privacy protections can work hand-in-hand with better data management and crime prevention, helping us fulfill our charter to protect the rights of 7 million citizens.
The iPhone decryption controversy has stirred the pot in the privacy versus security debate, with the FBI contending that it is only seeking the communications that can be gleaned from a single iPhone of a known terrorist and Apple arguing that if it builds a computer-decryption operating system for this purpose, it would inevitably be demanded both by the U.S. and by foreign governments in the future.
The Chinese government, in fact, has already indicated that it wants a “backdoor” key to the iPhone and similar products. There are “edge cases” such as this one, wherein courts must weigh competing values and try to predict the downstream effects for technology and the impact on consumers. Because user privacy is a paramount value in our society, we should do everything possible to promote strong security for an individual’s data protection before making exceptions to this rule.
Technology companies, such as Microsoft and Google, are watching this debate and advocating for a private company’s right to build strong security for its customers without giving the government backdoor access to private communication. This is not a cynical attempt to gain favor with their user base, but rather a response to federal government overstepping by intercepting emails and phone call data under the Patriot Act. Even while the pendulum has swung back in this area as Congress has passed new restrictions on National Security Agency surveillance activities, we need to remain vigilant and not return to a climate where the privacy rights of Americans are routinely disregarded.
After the Apple iPhone case is settled, we should encourage a more fruitful debate with a focus on respecting core principles that inhere in American Law:
First, that a private communication should not be intercepted without a court determining “probable cause” of a crime. This would further limit the scope of existing NSA intercept programs, but allow decryption of data in confirmed cases.
Second, that American companies should be allowed to offer secure communications devices and networks for private citizens, recognizing that professional criminals are already making widespread use of the Tor network and other “dark web” products aimed at anonymous communication and available in the unregulated and untraceable corners of the Internet.
Third, that citizens must give consent to the use or sharing of personal information beyond the original purpose for which it was provided.
Our state is a recognized leader in the development of software programs, e-commerce and a wide variety of advanced technologies. We should have a voice in critical issues affecting consumer protection and e-commerce. We earned our reputation through the brilliant work and inventive spirit of entrepreneurs, such as Bill Gates and Jeff Bezos, and scientists such as the University of Washington’s Shwetak Patel, recipient of a MacArthur Foundation’s genius grant. While the private sector constitutes the engine of our high-tech economy, state government can play a critical role in ensuring that we create a fertile atmosphere for talented people and innovative companies.
Whenever possible, Washington state should craft laws according to principles that protect the public interest and not simply attempt to regulate a new technology due to publicity and misconceptions. This year, Gov. Jay Inslee has issued executive orders on privacy and data protection, and announced a new partnership with the U.S. Department of Homeland Security to protect our critical infrastructure from cyberattacks. In the current legislative session, we should be encouraged that forward-looking bills have been introduced to address privacy, cybercrime and protecting biometric data.
There’s an axiom, “The Law always lags behind technology.” But Washington is well-positioned to lead the way on security and privacy issues. Keeping pace with the rapidly changing landscape of the digital age presents multiple challenges on multiple fronts. But if we adhere to basic principles protecting the rights of our citizens, we will be off to a good start.