In addition to the purported rise of domestic extremism, National Intelligence boss James Clapper on Tuesday told the Senate intelligence agencies in the United States will exploit an emerging array of internet-connected devices, known as the “internet of things.”
Increasingly a large number of objects—including animals and people—are being assigned unique identifiers and the ability to transfer data over a network without human interaction. From handheld communication and entertainment devices (including televisions and webcams) to cars and household appliances and utilities (notably, smart meters), hundreds of objects now have IP addresses.
“In its extreme, everything can be connected to the Internet. It’s really just a matter of time, as these self-powered wireless-enabled computers become smaller and cheaper,” writes security expert Bruce Schneier. “Soon everything we do, both online and offline, will be recorded and stored forever.”
James Clapper admitted the government and its ever-expanding surveillance state will exploit personal information for the purpose of monitoring and tracking individuals.
”Smart devices incorporated into the electric grid, vehicles—including autonomous vehicles—and household appliances are improving efficiency, energy conservation, and convenience. However, security industry analysts have demonstrated that many of these new systems can threaten data privacy, data integrity, or continuity of services. In the future, intelligence services might use the loT [Internet of Things] for identification, surveillance, monitoring, location tracking, and targeting for recruitment, or to gain access to networks or user credentials,” he said.
Prior to Clapper’s remarks before the Senate Select Committee on Intelligence, a Berkman Center for Internet & Society report from Harvard University concluded: “If the Internet of Things has as much impact as is predicted, the future will be even more laden with sensors that can be commandeered for law enforcement surveillance; and this is a world far apart from one in which opportunities for surveillance have gone dark. It is vital to appreciate these trends and to make thoughtful decisions about how pervasively open to surveillance we think our built environments should be—by home and foreign governments, and by the companies who offer the products that are transforming our personal spaces.”
As Vaughan Emery, the CEO and president of CENTRI Technology, noted last September IoT requires robust encryption to make it safe not only from the prying eyes of government, but also hackers and data theft. Emery proposes an “encrypt-everything” strategy to protect data.
“This strategy maximizes protection regardless of whether the data resides in a public or private cloud, on an IoT endpoint and when it’s in transit. Encrypting everything also complements the traditional focus on network security because even when that initial line of defense fails, the data remain protected,” he writes.
The state is calling for encryption standards to be compromised, not strengthened. “Encryption is making it harder for your government to find criminal activity, and potential terrorist activity,” Homeland Security Secretary Jeh Johnson told one of the world’s largest technology conferences last April.
Earlier this month FBI Director James Comey said during a Senate Intelligence Committee hearing end-to-end encryption—the government calls this form of security “going dark”—is making it impossible for law enforcement and the surveillance state to monitor devices. Comey and the government insist technology companies design holes in their security to accommodate warrants.
“If you put a backdoor in, that backdoor’s for everybody—for good guys and bad guys,” Apple CEO Tim Cook responded.
The government may ultimately force tech companies to allow it to circumvent encryption, but this will not solve the hurdle of encryption.
Companies outside the US are responsible for nearly two-thirds of tech products that offer some form of encryption, according to Schneier. “The argument is that that vulnerability is worth it because police can catch criminals. Well, that’s not true because the criminals will switch [products],” Schneier told The Christian Science Monitor after Comey made his remarks.
“Any US law mandating backdoors will primarily affect people who are unconcerned about government surveillance, or at least unconcerned enough to make the switch,” the authors of the Harvard Berkman Center report write. “These people will be left vulnerable to abuse of those backdoors by cybercriminals and other governments.”