The National Academies Press

Currently Skimming:

1 Introduction
Pages 5-13

The Chapter Skim interface presents what we've algorithmically identified as the most significant single chunk of text within every page in the chapter.
Select key terms on the right to highlight them within pages of the chapter.

From page 5... ... Only in the past decade, however, has encryption been widely used for ordinary communications and stored data. As laptops and smartphones developed the potential to contain large amounts of sensitive information and grew in popularity, and as states adopted data breach notification laws1 that provided a safe harbor in cases where lost personal data had been encrypted, full-disk encryption was introduced. Read the entire page →
From page 6... ... Vendors reacted quickly to expand encryption of data and communications by default to help distance themselves from those government programs. Today, encryption protects information stored on or in transit between smartphones, laptops, and other devices and information stored on enterprise servers and in the cloud. Read the entire page →
From page 7... ... We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.4 2 Nonmilitary cryptography exports from the United States are controlled by the Department of Commerce. The current regulations are complex but, generally speaking, require registration, notification, or review for products using encryption exceeding specified key lengths and require a license for export to certain countries. Read the entire page →
From page 8... ... Former National Security Agency (NSA) Director Mike McConnell observed that despite the abandonment of the 1990s effort to require exceptional access, the agency's ability to collect signals intelligence is better than at any point in history.7 Both perspectives share a common element: as the amount of data increases rapidly, there is both more data than ever of relevance to investigations and more data than ever that is inaccessible to investigators. Read the entire page →
From page 9... ... Finally, the chapter previews the high-level questions in the evaluation framework that is discussed in more detail in Chapter 7. GOVERNMENT OPTIONS There are a wide variety of legal and technical options available to governments that seek access to plaintext for law enforcement and intelligence investigations. Read the entire page →
From page 10... ... • Protecting public safety where access to encrypted communications or data on encrypted devices or files is sought to investigate and prosecute crimes and disrupt ongoing criminal or terrorist activity. • Protecting national security where access to encrypted communications or data on encrypted devices is sought for foreign intelligence collection. Read the entire page →
From page 11... ... This option could, of course, be pursued regardless of whether other legislative action is taken. • Enact legislation that requires that device vendors or service providers provide government access to plaintext without specifying the technical means of doing so. Read the entire page →
From page 12... ... EVALUATION FRAMEWORK Chapter 7 provides an evaluation framework in the form of questions that the committee believes must be addressed in any proposal to provide government access to plaintext. The objective of this framework is not only to help policymakers determine whether a particular approach is optimal or desirable, but also to help ensure that any approach that policymakers might pursue is implemented in a way that maximizes its effectiveness while minimizing harmful side effects. Read the entire page →
From page 13... ... 3. To what extent will the proposed approach affect the privacy, civil liberties, and human rights of targeted individuals and others? Read the entire page →

From page 5...

... Only in the past decade, however, has encryption been widely used for ordinary communications and stored data. As laptops and smartphones developed the potential to contain large amounts of sensitive information and grew in popularity, and as states adopted data breach notification laws1 that provided a safe harbor in cases where lost personal data had been encrypted, full-disk encryption was introduced.

Read the entire page →

From page 6...

... Vendors reacted quickly to expand encryption of data and communications by default to help distance themselves from those government programs. Today, encryption protects information stored on or in transit between smartphones, laptops, and other devices and information stored on enterprise servers and in the cloud.

Read the entire page →

From page 7...

... We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.4 2 Nonmilitary cryptography exports from the United States are controlled by the Department of Commerce. The current regulations are complex but, generally speaking, require registration, notification, or review for products using encryption exceeding specified key lengths and require a license for export to certain countries.

Read the entire page →

From page 8...

... Former National Security Agency (NSA) Director Mike McConnell observed that despite the abandonment of the 1990s effort to require exceptional access, the agency's ability to collect signals intelligence is better than at any point in history.7 Both perspectives share a common element: as the amount of data increases rapidly, there is both more data than ever of relevance to investigations and more data than ever that is inaccessible to investigators.

Read the entire page →

From page 9...

... Finally, the chapter previews the high-level questions in the evaluation framework that is discussed in more detail in Chapter 7. GOVERNMENT OPTIONS There are a wide variety of legal and technical options available to governments that seek access to plaintext for law enforcement and intelligence investigations.

Read the entire page →

From page 10...

... • Protecting public safety where access to encrypted communications or data on encrypted devices or files is sought to investigate and prosecute crimes and disrupt ongoing criminal or terrorist activity. • Protecting national security where access to encrypted communications or data on encrypted devices is sought for foreign intelligence collection.

Read the entire page →

From page 11...

... This option could, of course, be pursued regardless of whether other legislative action is taken. • Enact legislation that requires that device vendors or service providers provide government access to plaintext without specifying the technical means of doing so.

Read the entire page →

From page 12...

... EVALUATION FRAMEWORK Chapter 7 provides an evaluation framework in the form of questions that the committee believes must be addressed in any proposal to provide government access to plaintext. The objective of this framework is not only to help policymakers determine whether a particular approach is optimal or desirable, but also to help ensure that any approach that policymakers might pursue is implemented in a way that maximizes its effectiveness while minimizing harmful side effects.

Read the entire page →

From page 13...

... 3. To what extent will the proposed approach affect the privacy, civil liberties, and human rights of targeted individuals and others?

Read the entire page →

← Previous Chapter Skim

Next Chapter Skim →

This material may be derived from roughly machine-read images, and so is provided only to facilitate research.
More information on Chapter Skim is available.

1 Introduction Pages 5-13

1 Introduction
Pages 5-13