All blog posts created by Communications Office
  • Wyden LA Times op-ed “With hackers running rampant, why would we poke holes in data security?”

    U.S. Senator Ron Wyden in an op-ed in the Los Angeles Times, calls for legislation to ban the government from mandating technology companies to build security weaknesses into their products. Wyden introduced the Secure Data Act this month, which would ban government-mandated back doors.

    “Hardly a week goes by without a new report of some massive data theft that has put financial information, trade secrets or government records into the hands of computer hackers.

    The best defense against these attacks is clear: strong data encryption and more secure technology systems.

    The leaders of U.S. intelligence agencies hold a different view. Most prominently, James Comey, the FBI director, is lobbying Congress to require that electronics manufacturers create intentional security holes — so-called back doors — that would enable the government to access data on every American's cellphone and computer, even if it is protected by encryption.

    Unfortunately, there are no magic keys that can be used only by good guys for legitimate reasons. There is only strong security or weak security.

    Americans are demanding strong security for their personal data. Comey and others are suggesting that security features shouldn't be too strong, because this could interfere with surveillance conducted for law enforcement or intelligence purposes. The problem with this logic is that building a back door into every cellphone, tablet, or laptop means deliberately creating weaknesses that hackers and foreign governments can exploit. Mandating back doors also removes the incentive for companies to develop more secure products at the time people need them most; if you're building a wall with a hole in it, how much are you going invest in locks and barbed wire? What these officials are proposing would be bad for personal data security and bad for business and must be opposed by Congress.

    In Silicon Valley several weeks ago I convened a roundtable of executives from America's most innovative tech companies. They made it clear that widespread availability of data encryption technology is what consumers are demanding.

    It is also good public policy. For years, officials of intelligence agencies like the NSA, as well as the Department of Justice, made misleading and outright inaccurate statements to Congress about data surveillance programs — not once, but repeatedly for over a decade. These agencies spied on huge numbers of law-abiding Americans, and their dragnet surveillance of Americans' data did not make our country safer.

    Most Americans accept that there are times their government needs to rely on clandestine methods of intelligence gathering to protect national security and ensure public safety. But they also expect government agencies and officials to operate within the boundaries of the law, and they now know how egregiously intelligence agencies abused their trust.

    This breach of trust is also hurting U.S. technology companies' bottom line, particularly when trying to sell services and devices in foreign markets. The president's own surveillance review group noted that concern about U.S. surveillance policies “can directly reduce the market share of U.S. companies.” One industry estimate suggests that lost market share will cost just the U.S. cloud computing sector $21 billion to $35 billion over the next three years.

    Tech firms are now investing heavily in new systems, including encryption, to protect consumers from cyber attacks and rebuild the trust of their customers. As one participant at my roundtable put it, “I'd be shocked if anyone in the industry takes the foot off the pedal in terms of building security and encryption into their products.”

    Built-in back doors have been tried elsewhere with disastrous results. In 2005, for example, Greece discovered that dozens of its senior government officials' phones had been under surveillance for nearly a year. The eavesdropper was never identified, but the vulnerability was clear: built-in wiretapping features intended to be accessible only to government agencies following a legal process.

    Chinese hackers have proved how aggressively they will exploit any security vulnerability. A report last year by a leading cyber security company identified more than 100 intrusions in U.S. networks from a single cyber espionage unit in Shanghai. As another tech company leader told me, “Why would we leave a back door lying around?”

    Why indeed. The U.S. House of Representatives recognized how dangerous this idea was and in June approved 293-123, a bipartisan amendment that would prohibit the government from mandating that technology companies build security weaknesses into any of their products. I introduced legislation in the Senate to accomplish the same goal, and will again at the start of the next session.

    Technology is a tool that can be put to legitimate or illegitimate use. And advances in technology always pose a new challenge to law enforcement agencies. But curtailing innovation on data security is no solution, and certainly won't restore public trust in tech companies or government agencies. Instead we should give law enforcement and intelligence agencies the resources that they need to adapt, and give the public the data security they demand.”

  • Wyden: Floor Statement on Torture Report

    Sen. Wyden delivered the following remarks after the Senate Intelligence Committee's report on the CIA's use of torture was made public. He pushed to launch the investigation in 2009, and played a critical role in ensuring the report came to light, despite a campaign to delay its release and obscure critical details.

    Wyden: Floor Statement - Interrogation Report

    Watch Sen. Wyden's remarks after the release of the torture report

  • Fighting for a level playing field online for Oregon businesses

    When 90 percent of a small business’ sales are online and its workforce has grown from nine employees to 24 in two short years, it’s vital Congress not unfairly tilt the level Internet playing field that helped that expansion.

    That’s the story at Daddies Board Shop in Northeast Portland and why Ron has stood with Daddies and so many other small businesses across Oregon in the fight against what’s termed the Marketplace “Fairness” Act.

    “Fairness” is of course in the eye of the beholder since this bill would have unfairly forced Oregon companies to collect sales tax for other states when a resident in another state made a purchase. In today’s competitive economy, it’s critical for companies to expand their market in other states, and it’s unfair and expensive for them to play tax collector when they do.

    Like owners of so many other Oregon small businesses that rely on online sales, Daddies’ owner Daron Horwitz says it’s the level playing field of the Internet that allows his business to compete with big retailers around the world.

    After checking out Daddies’ world-class products during a visit this month, Ron told Daddies Board shop employees their business is exactly the kind of business he’s proud of as an Oregonian.

    My goal is to keep the Internet free and open -- as it always has been,” he said. “After all, that’s the underpinning of what’s allowed Internet commerce to flourish.”

    For now, thanks to the efforts of Sen. Wyden and his bipartisan coalition, the MFA appears to have been disconnected in this Congress. Businesses across Oregon can breathe easier and keep selling their great Oregon products. And, if legislation tries to tip the scales against small businesses in the future, Ron will go to the mat again.

    This scheme would make Oregon businesses collect sales taxes for hundreds of other state and local governments,” Ron said. “It essentially forces Oregon companies to subsidize Texas’s government. That’s not fair to Oregon, and it’s not fair to small businesses nationwide.”