Stephen Colbert has done tons of sarcastic and critical segments about the NSA (“The more I learn the safer I feel,” he said in October), but now he’s being called on to put those words into action. Colbert is scheduled to speak at an annual conference organized by security firm RSA, but privacy advocates are agitating for him to withdraw because of reports that the NSA paid RSA $10 million to weaken one of its own encryption algorithms.
RSA has been known as a security advocate and trusted source of privacy software for many years, so the idea that it was paid by the NSA to build a backdoor into its BSafe app has been deeply troubling to many in the tech community.
RSA said in a statement last month that it did not have any type of secret contract with the NSA and was unaware of flaws in its encryption until this summer, when information about NSA backdoors began emerge from documents leaked by Edward Snowden. But concerns about the specific encryption key have percolated since 2007, so it’s hard to imagine that RSA never got around to assessing the issue.
Given all of this, the digital rights group Fight for the Future has created a petition requesting that Colbert cancel his plans to close out the RSA conference. The group writes in its open letter:
We know you, Stephen, and we know you love a good “backdoor” joke as much as we do—but this kind of backdoor is no laughing matter. … Companies need to know that they can’t betray our trust without repercussions. We want to hear your speech, but give it somewhere else!
There’s no word from Colbert yet, but a number of other scheduled speakers—including Mozilla’s global chief of privacy, a Google software engineer, and a cybersecurity analyst—have already canceled their conference talks.
Colbert’s celebrity is convenient because allows the controversy over the RSA conference to reach a wider audience and draw mainstream interest. Now that revelations about the NSA have shown just how far the agency’s reach can extend, citizens need to be formulating their own opinions about the access government and private corporations should have to their personal data and how privacy should be defined today. The more examples there are of visible activism on all sides of the debate, the more motivated people may be to engage in the discussion.