Working Group on "Encryption Policy & Government Hacking"
The first working hypothesis was that Germany and the United States should forego any further encryption policy and mandatory backdoors discussion and rather focus on the analysis of obtaining digital evidence through a variety of other means including government hacking.
The problem analysis which has been conducted and published revealed that government hacking faces many challenges.
The following areas have been identified for further research and analysis:
- assessing government hacking and identifying alternatives;
- evaluating and designing a comprehensive vulnerability management scheme;
- discussing future challenges arising from digital evidence;
- exploring the adequacy of judicial review;
- mitigating possible foreign policy implications.
A workshop conducted in Washington D. C. on July 12-13 brought together members of the working group on encryption policy & government hacking to discuss the results of the problem analysis and the way forward. Based on the outcome of the problem analysis, the working group discussed various ideas on how to address those challenges.
The working group agreed to collaborate on the following:
- drafting principles for a comprehensive vulnerability management scheme, taking into consideration the international and human rights dimensions;
- drafting a holistic framework for government hacking, including legal bar/standards, the nature of digital evidence, impact minimization (such as exploring alternatives), minimum disclose details as well as the international and human rights dimensions.
The next workshop has been loosely scheduled for spring 2018 to discuss the results of the collaboration on those issues and plan the subsequent policy and outreach activities.
Another outcome of the workshop is the jointly agreed “Initial Take-Away on Encryption Policy and "Government Hacking".
The working group consists of 44 members from civil society, private sector and academia from Germany and the United States. The views and opinions expressed by TCF as a whole (and on this website) are those of the project team and do not necessarily reflect the official policy or position of the individuals in the working group and that of their employer. Any statement linked on the website only represents the views of the respective signatories. The following members agreed to be named on this website:
- Simon Assion, Bird & Bird
- Kevin Bankston, New America’s Open Technology Institute
- Cathleen Berger, Mozilla
- Ulf Buermeyer, Gesellschaft für Freiheitsrechte
- Chris Calabrese, Center for Democracy and Technology
- Betsy Cooper, Center for Long-Term Cyber Security, University of Berkeley
- Jennifer Daskal, American University Washington College of Law
- Alan Duric, Wire
- Marc Fliehe, Verband der TÜV e. V. (VdTÜV)
- Sharon Bradford Franklin, New America
- Benjamin Güldenring, Institute for Computer Science of the Freie Universität Berlin
- Jan Dominik Gunkel, DIGANTRO
- Sven Herpig, Stiftung Neue Verantwortung
- Stefan Heumann, Stiftung Neue Verantwortung
- Scarlet Kim, Privacy International
- Klon Kitchen, Heritage Foundation
- Karsten König, CIPHRON
- Andreas Kuehn, Cyberspace Cooperation of the East West Institute
- Susan Landau, Tufts University
- Emily McReynolds, University of Washington Tech Policy Lab
- Daniel Moßbrucker, Reporters without Borders
- Dr. Holger Mühlbauer, TeleTrusT
- Jan Neutze, Microsoft
- Jörg Pohle, Alexander von Humboldt Institut für Internet und Gesellschaft
- Rainer Rehak, FIfF (Computer Scientists for Peace and Social Responsibility)
- Thomas Reinhold, CyberPeace
- Volker Roth, Institute for Computer Science of the Freie Universität Berlin
- Ross Schulman, New America’s Open Technology Institute
- Julia Schuetze, Stiftung Neue Verantwortung
- Ari Schwartz, Venable LLP
- Megan Stifel, Public Knowledge
- Eric Wenger, Cisco
- Christoph Zurheide, Deutsche Post DHL Group
The Working Group on "Encryption Policy & Government Hacking" is part of the Transatlantic Cyber Forum