January 27, 2017

WASHINGTON—ITI, the global voice of the tech sector, unveiled principles today intended to assist policymakers who are grappling with the legitimate need of governments to access technology or commercial data for counterterrorism and law enforcement efforts while upholding the fundamental values of security, privacy, and freedom of expression that are essential to people’s trust in technology. The recommendations come after a year marked by calls to require technology companies to adhere to government requests to disable security features or otherwise introduce security vulnerabilities into technologies.

“Too often the collision of hot-button issues such as encryption and counterterrorism have quickly devolved into a simplistic debate of security versus privacy,” ITI President and CEO Dean Garfield said. “This is a false choice because weakening security with the aim of advancing security simply does not make sense. ITI believes that the tech sector and governments can work together with other stakeholders to thoughtfully craft policies that address government access challenges without weakening security, privacy, or trust.”

As people celebrate Data Privacy Day on January 28th this year, Garfield noted that ITI’s Global Guiding Principles for Trust, Technology, and Government Access in the Digital Age (pdf) contain 10 principles, including recommendations urging policymakers around the globe to:

  • Oppose weakening the security of technology products and services, and to respect freedom of expression and privacy as essential values.
  • Prioritize mutual legal assistance reform and cooperation among countries for law enforcement purposes, including making Mutual Legal Assistance Treaties (MLATs) more effective tools for cross-border investigations.
  • Employ responsible and equitable vulnerability disclosure practices to enable technology companies to better protect against cybersecurity attacks and encourage responsible disclosure of vulnerabilities by security researchers to technology vendors.

The principles also extend an offer by the technology industry to work transparently and collaboratively with governments to improve the technical competencies of their workforces, to build capacity to understand the rapidly evolving nature of technology, to help prioritize resources, and to leverage technological innovation to assist in conducting lawful investigations.

# # #

Public Policy Tags: Cybersecurity, Encryption, Data & Privacy