October 20, 2017

On Encryption Apps in the White House

Politico ran a long story today pointing to an increase in the use of encrypted communication apps by people in DC, government, and the White House specifically.

Poisonous political divisions have spawned an encryption arms race across the Trump administration, as both the president’s advisers and career civil servants scramble to cover their digital tracks in a capital nervous about leaks.

The surge in the use of scrambled-communication technology — enabled by free smartphone apps such as WhatsApp and Signal — could skirt or violate laws that require government records to be preserved and the public’s business to be conducted in official channels, several ethics experts say. It may even cloud future generations’ knowledge of the full history of Donald Trump’s presidency.

The article seems to be well reported, and it raises some of the important issues around the trend toward encryption in DC. But I think it misses a few points, which I’d like to open up in this post.

The first point is that there is nothing wrong with government employees using encrypted apps for their personal communication. Indeed, doing so should be considered a best practice for people who might be targets for foreign intelligence services–such as people who work at the White House. Insecure practices in the personal lives of government officials create risk–and it seems ill-advised for White House officials to try to stop their employees from following security best practices on their personal phones.

The second issue is the relationship between encryption and record-keeping. Government employees are required to retain records of much of their official communication–which is one of the reasons why business and personal activities are conducted on separate systems, more so in the government than in other enterprises. (The other main reason is security. And of course classified information is handled on yet another separate array of systems.) Government systems are set up to collect the necessary records, whereas your personal systems probably don’t retain everything that you would need to keep if you were carrying out government business on them.

But notice that record-keeping does not depend on messages being encrypted or not encrypted as they traverse a network. It is perfectly feasible to transmit a message in encrypted form, while archiving that message at one or both endpoints. If you’re using an untrusted network–and most of the networks you’ll encounter as you move through your life should be treated as untrusted–then it’s prudent to use encryption for data traversing those networks, and to meet any record-keeping requirement by logging messages at the endpoints. Some government-issued systems already work that way.

But the reality for White House employees–based on my experience working there–is that they seem to have access to better encrypted communication tools on their private devices than they do on their government-issue devices. And that leads to a natural temptation to transact government business using secure apps on personal devices. One way to address that would be to improve the encrypted communication tools available on government-issued devices, while making sure to configure those tools to keep records and maintain accountability as legally required. That wouldn’t stop employees from using their personal devices because they want to avoid accountability–cheaters gonna cheat–but at least it would reduce the temptation to use personal devices to try to improve security.

Finally, one has to wonder how this discussion is affected by the politics of encryption. I’ll write about that in a future post.

 

Comments

  1. Ubj nobhg n cevingr znvy freire, yby?