Verizon could be the latest big company to enter the post-Snowden market for secure communication, and it’s really doing so having an encryption standard that is included with a means for police to gain access to ostensibly secure phone conversations.
Verizon Voice Cypher, the merchandise introduced on Thursday with the encryption company Cellcrypt, offers business and government customers end-to-end encryption for voice calls on iOS, Android, or BlackBerry devices designed with a particular app. The encryption software provides secure communications for individuals speaking on devices with the app, irrespective of their wireless carrier, and it can also hook up to an organization’s secure phone system.
Cellcrypt and Verizon both say that police agencies can access communications that occur over Voice Cypher, as long as they are able to prove that there surely is a legitimate police reason for doing this. Seth Polansky, Cellcrypt’s vice president for THE UNITED STATES, disputes the theory that building technology to permit wiretapping is really a risk of security. “It’s only developing a weakness for government agencies,” he says. “Wish government access option exists, it generally does not mean others can get access to it.”
Phone carriers like Verizon are needed by U.S. law to construct networks which can be wiretapped. However the legislation referred to as the Communications Assistance for POLICE Act requires phone carriers to decrypt communications for the government only when they will have designed their technology to make it possible to take action. If Verizon and Cellcrypt had structured their encryption in order that neither company had the data essential to decrypt the calls, they might not need been breaking regulations.
Other companies have designed their encryption in this manner, including AT&T, that provides encrypted phone service for business customers. Apple and Android recently began protecting content stored on users’s phones in a fashion that would keep carefully the tech companies from having the ability to adhere to requests from police. The move drew public criticism from FBI Director James Comey, plus some security experts expect a renewed effort to stir passage of legislation banning such encryption will accompany Silicon Valley’s increased curiosity about developing these services.
Verizon believes major demand for its new encryption service should come from governmental agencies conveying sensitive but unclassified information on the phone, says Tim Petsky, a senior product manager for Verizon Wireless. Corporate customers that are worried about corporate espionage will also be itching for answers. “You find out about breaches in security nearly every week in the press,” says Petsky. “Enterprise customers have now been asking about methods to secure their communications or more until this aspect, we didn’t have a solution.”
There has been increased fascination with encryption from individual consumers, too, largely thanks to the NSA revelations leaked by Edward Snowden. Bing began offering end-to-end encrypted e-mail services in 2010. Silent Circle, a startup catering to consumer and enterprise clients, has been developing end-to-end voice encryption for phones calls. Verizon’s service, with a monthly price of $ 45 per device, isn’t targeting individual buyers and defintely won’t be wanted to average consumers soon.
But Verizon’s partner, Cellcrypt, looks upon selling to large organizations because the first rung on the ladder toward decreasing the purchase price before eventually supplying a consumer-level encryption service. “At the end of the day, we’d want to have this be considered a line item on your own Verizon bill,” says Polansky.
It’s still not yet determined what size the potential market for consumer-level encryption services is. Chris Soghoian of the ACLU’s speech, privacy, and technology project, believes that Verizon’s approach is unlikely to possess wide appeal due to Verizon’s decision never to keep out police.
Many people in the security industry think that a designed access point creates a vulnerability for criminals or spies to exploit. This past year reports surfaced that the FBI was pushing legislation that could require many types of Internet communication to be wiretap-ready. Several prominent security experts responded strongly: “Requiring software vendors to create intercept functionality within their products is unwise and you will be ineffective, with the effect being serious consequences for the economic well-being and national security of the United States,” they wrote in a written report issued in-may.
Verizon’s service may have drawn praise from security experts previously, Soghoian says, however the past year of revelations about government surveillance has changed the atmosphere. “Today, to roll this out with a backdoor, that’s inexcusable, he says. ” With encrypted phone services being developed to be inaccessible to anyone, he says, “It’s tough to observe how Verizon can compete here when they’re designing something that’s less secure.”