Silicon Valley's Trump rebellion now has EFF calling for more encryption

controlling privacy
Credit: Thinkstock

The Electronic Frontier Foundation is keenly worried that President-elect Donald Trump and the Republican-controlled Congress will step up surveillance activities and pass laws to curtail electronic rights.

As a result, the EFF is advising the tech sector to use end-to-end encryption for every transaction by default, and to scrub logs. "You cannot be made to surrender data you do not have," the EFF said.

[To comment on this story, visit Computerworld's Facebook page.]

"We need to start securing our systems now," said Rainey Reitman, director of the EFF's activism team, in an interview. "If we wait until he [Trump] starts putting overbroad government demands on tech companies, they won't have the time to clean up their logs and encrypt data."

"It's very clear to us that he is no friend to civil liberties," said Reitman, of Trump. "He will be in a position where he can move bills and support measures and even put out executive orders that can be very detrimental to digital rights."

The tech community is wary, generally, of Trump. More than 1,000 people who work at tech firms have signed a pledge, Neveragain.tech , not to help the incoming administration create a database to target people because of race or religion or to facilitate mass deportations.

The EFF has assembled evidence it believes justifies this call for action. That includes Trump's call for forcing Apple to open the iPhone owned by one the San Bernardino attackers.

The government wanted Apple to hack into the iPhone, something it would not do. Trump's response to Apple was, "Who do they think they are? No, we have to open it up." The FBI ultimately unlocked the phone with help of a third party.

Legislation also emerged to broadly compel the tech industry to provide a backdoor to encrypted communications, notably in an effort by Senators Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), chair and vice chair, respectively, of the Senate Intelligence Committee. But the White House didn't support it at the time.

Reitman believes the encryption issue will emerge again, and a Trump White House may approve backdoor legislation. This "is one of the things to watch out for over the next few months," she said.

Many of the big vendors also have large contracts with the government and are seeking pro-industry trade agreements as well. But the industry has also received pushback from its users, particularly in the wake of revelations by Edward Snowden that the government was participating in surveillance efforts.

Because of Snowden, "tech actually had to show that they were willing to fight for individual users and were willing to take steps to improve privacy," said Reitman.

The EFF has outlined a set of specific recommendations it believes tech firms can take. Some are aimed at specific firms, such as calling on Twitter to enable end-to-end encrypted direct messages.

The data the Trump administration could use to track certain groups is already available. Businesses, Facebook being the obvious example, may have databases with details about the religious and ethnic backgrounds of their customers, Reitman said.

The effort by some in Silicon Valley to speak out against and fight any effort by tech firms to participate in this data collection will also be up against government contracting.

"The Trump administration will always be able to find contractors that are willing to do most anything short of illegal, provided the potential liabilities are realistic," said Ray Bjorklund, who heads federal market research firm BirchGrove Consulting.

The government can issue new orders on existing contracts, although terms and conditions can be set that protect both parties, said Bjorklund. The government could also re-open the business for other bidders, he said.

Even without the EFF raising its own concerns, the Neveragain.tech effort points to use of data gathering in the Holocaust to illustrate the gravity of the issue.

Christopher Browning, a Holocaust researcher who wrote a number of books, said that in many countries, particularly eastern Europe, the Nazis relied on local collaborators to identify local Jews. But in western Europe, especially The Netherlands, "registration of Jews was a key, seemingly innocent, but in retrospect fatal step that made it virtually impossible for those who did register to escape all further measures" short of attempted hiding, he said, in an email response to questions.

"In The Netherlands forged papers were particularly difficult, due to the very advanced technology of the bureaucracy in producing ID papers," said Browning. "In contrast, in Athens the ability of the Jewish community to destroy all of its records before the Germans arrived made it very difficult for the Germans to find and identify Jews in southern Greece. Those on the islands, however, were for all practical purposes trapped and thus suffered a much higher fatality rate than those on the southern mainland."

"Given that any intensified persecution of minorities in the U.S. would more likely follow the western European rather than eastern European model, then yes, registration is a key, endangering factor," said Browning.

Computerworld's IT Salary Survey 2017 results
Shop Tech Products at Amazon