Responding to complaints by the US government over mobile device encryption, Google chairman Eric Schmidt has said the company’s hand was forced by government hacking.
Google chairman Eric Schmidt has fired a blunt response to representatives of the US government who have criticised Google’s and Apple’s recent efforts to step up encryption in their respective mobile operating systems, Android and iOS.
“There’s a current kerfuffle over the default encryption in the iPhone 6. But the people who are criticising this should have expected this," Schmidt said at an open panel on Wednesday hosted by Joe Wyden, chairman of the US senate finance committee.
With the release of iOS 8, Apple said it no longer held encryption keys to devices running the OS, which meant that the only way to access to a locked iOS device was by knowing the passcode. Google announced last month that Android L, it’s next operating system due this year, would have deviceencryption on by default, making it more difficult for law enforcement to access information stored on a device.
Law enforcement can still gain access to for example an iCloud account associated with an iPhone, but they wouldn’t be able to press Apple for access to the device itself.
Outgoing Attorney General Eric Holder earlier this month criticised Apple and Google, saying law enforcement shouldn’t be prevented from accessing information when investigating a crime.
Schmidt said Google’s decision to block law enforcement was a response to actions by the National Security Agency (NSA) and the UK’s GCHQ against Google infrastructure. The agencies' attacks on Google were carried out under the project MUSCULAR, which compromised communications links between Google and Yahoo data centres.
“After Google was attacked by the British version of the NSA, we were annoyed to no end so we put end-to-end encryption at rest as well as throughout our systems, making it essentially impossible of any kind to get that information. The further encryption in iPhone 6 has been optional in Android for.. the last three years. We’re making it by default as well,” said Schmidt.
Also present on the panel was Microsoft’s chief legal counsel Brad Smith. Microsoft is currently contesting a US warrant for email stored in its Dublin, Ireland data centre. The company is challenging the US’ Electronic Communications Privacy Act, which as it stands, allows US law enforcement to search property overseas without physically entering that property.
Microsoft’s biggest concern is that Europe becomes like China, where foreign cloud companies are required by law to host customer data in a data centre that is owned by a local company.
Smith said he fears that a European country could enact such a law. German chancellor Angela Merkel has previously indicated interest in citizen's ability to find email services supplied from within Europe rather than the US.
“Most people are more likely to trust their own government than someone else’s. So what you would see is a law in a country in Europe that says that people’s data can only be put in a data centre that is only run by a company from that country,” said Smith.
Schmidt agreed with Smith, adding that current US laws could jeopardise one of America’s only growth sectors.
“Data localisation means it will be owned by a non-American company. That means the future of the internet companies is half of what it could be if that spreads, roughly speaking…. So this is an industry that rivals the scale of any American industry and we’re one of the two or three that have provided economic growth for America for the last decade,” said Schmidt.
“We’re screwing around with those kinds of concepts without considering that that’s a national emergency… if this kind of thing continues, we have a much more serious problem on our hands because it will affect America.”
This article is brought to you by Enex TestLab, content directors for CSO Australia.
- Google, Facebook to discuss online extremism at dinner with EU officials
- Oracle to pour 155 fixes on top of Microsoft and Flash Patch Tuesday
- The week in security: Australian cloud, managed security capabilities bolstered
- Governments must tap mobiles to support online identity schemes: GSMA
- How did last year's security predictions pan out?
- Enterprise-grade authentication needed to secure exploding public Wi-Fi services
- Apple Pay: 42 percent of people don’t feel secure using it