Crack open a Club-Mate and raise a glass to strong crypto. There’s reason to celebrate.
Today, the 100,000th person signed our petition calling on President Obama to reject compelled backdoors in our communications.
The campaign, hosted at SaveCrypto.org, uses the White House's We the People API to feed signatures into a petition hosted on Obama’s preferred petition platform. The campaign was the work of over 40 nonprofits and tech companies, including Access Now, Fight for the Future, OpenMedia, Mozilla, Sum of Us, Twitter, Google, and DropBox. President Obama has promised to respond to any petition that gets 100,000 signatures within 30 days.
We made it with time to spare.
What does this mean? The petition lays out high-level concepts, like the value of encryption to a strong, secure Internet that we can all trust. And it also has some clear specifications: that undermining our rights shouldn’t be part of “legislation, executive order, or private agreement.”
This is a particularly important distinction because while Obama has been leaking to the press that he won’t be promoting legislation any time soon that would force tech companies to include backdoors, he hasn’t said much about whether he will continue to pressure companies both in public and, more worryingly, behind the scenes.
Legislation we can fight. We can analyze the text, rally our supporters, and pressure legislators in the court of public opinion. But when government agents put unofficial pressure on major tech companies to compromise their systems (and our security), the battleground is secret—and devoid of the voices of users who are actually impacted. It’s hard to fight an agreement that is never publicized, hard to criticize a practice that has never seen the light of day.
Today, thanks to the efforts of whistleblowers and investigative journalists and a handful of tech companies who were willing to face complicated legal battles, we are aware of times when the United States government has tried to force Internet companies to betray their users’ trust. For example, Reuters published a disturbing report showing how the NSA apparently compromised security industry mainstay RSA and enticed them with a $10 million payment to make an intentionally flawed and later-discredited cryptographic algorithm the default—introducing a backdoor into untold computer systems.
We shouldn’t need whistleblowers or reporters to shed light on these types of practices because they shouldn’t be happening at all. As citizens of the Web, we should expect that the services we use to share and store our intimate and personal data—emails, photos, medical data, location information, and so much more—are secure.
Nobody would buy a house that the government had wired with listening devices. And nobody wants to use an Internet in which our digital service providers are forced to bake in backdoors to our communications.
Now the ball is in Obama’s court. We’ll be watching closely to measure his response against the demand of 100,000 people. Will Obama attempt to dodge the issue, offering half-responses that leave the question of unofficial pressure unresolved? Or will he commit to rejecting laws, policies, and private agreements that would pressure or force companies to compromise the security of our encrypted communications?
It’s your move, Mr. President.
Text of petition:
Reject any law, policy, or mandate that would undermine our security.
The government should not erode the security of our devices or applications, pressure companies to keep and allow government access to our data, mandate implementation of vulnerabilities or backdoors into products, or have disproportionate access to the keys to private data.
We demand privacy, security, and integrity for our communications and systems. As a public, we should be confident that the services we use haven’t been weakened or compromised by government mandate or pressure. No legislation, executive order, or private agreement with the government should undermine our rights.
Weakening encryption weakens the entire Internet. Please endorse strong encryption, and encourage other world leaders to do the same.
Add your name at Savecrypto.org.