Ever since Edward Snowden opened up the door on data privacy and the fact that the NSA were strong-arming technology companies into providing them with access to users data there has been an ongoing debate on both the legality and the morality of data privacy and the abuse of that privacy.
More recently the head of the NSA, Admiral Michael S. Rogers has stated up front that the NSA are advocates for a new method of controlled access to users private data labelled as front door access.
Split key access
The system that is being proposed by the NSA would see some form of shared “key” being given to multiple parties – namely the companies that own the data and the security agencies. These keys would only provide access to confidential data when used in conjunction with each other. The idea behind this plan is that data could only be accessed in just circumstances, for example where national security was at stake, and with the agreement of all parties.
There are several implementations of this type of security system, the method mentioned above is known as split keys because all of the keys must be used together to gain access to the data while the users or data owners are the only ones that have exclusive access. Another popular method known as key escrow simply involves a third party being given a copy of the key and therefor having dual access along with the user.
Regardless of the system that is ultimately used, the idea is the same – the NSA want access to our private and confidential data but rather than doing it behind closed doors like they once did they want everyone to be aware that they have access to that data in the hope that we trust their legitimate and responsible access to it.
What do the NSA need access to our data?
The NSA does have a very sound argument that backs their requirement for being able to access our private data. They make this request in the interest of national security – they are not planning to use this access to foil common crimes or to snoop on the average person but rather as a method of surveillance in cases of national security. If there are communication methods that are totally unbreakable then it will always leave doors open for terrorists to operate without any fear of interception and this is something that the NSA feel can easily be avoided with such as system in place.
So what is the problem with front door access?
The problem with any type of access to confidential data by the NSA has always been the same – the average person feels like their privacy is being abused if someone potentially has access to all of their confidential data. Many people consider this a breach of their human rights.
Aside from the average person’s opinion on the matter there are also new security risks that come with allowing this level of data access to certain organisations. The fact is that if this data is accessible by some parties then it opens up the possibility that other less legitimate parties may also gain access to the data.
Furthermore the problem with front door access to private data is that criminal organisations and other hacker organisations will know that those parties have access to confidential information and they will become a target to those organisations. From a hacker’s point of view this simply means a wider area that can be targeted when trying to gain information – after all it is well know that a hacker’s best method of compromising any system is to go after the key holders rather than trying to break down the front door as it were.
Does the NSA have good intentions in all of this? They probably do. Is it morally right? You decide.