Congress Finally Put a (Really Obscure, But Important) Limit on NSA Power

The Citizen's Guide to the Future
May 23 2014 6:18 PM

Congress Blocks the NSA From Meddling With Encryption Standards. Finally.

nist
NIST sets encryption standards, and it's kind of crucial that that process exclude the NSA.

Photo from Commerce.gov.

The House passed a toothless NSA reform bill yesterday, and VC Marc Andreessen says that meetings about privacy and surveillance between tech companies and the Obama administration haven't been very productive. But the news isn't all depressing for privacy advocates. One consolation prize: a new amendment that says the NSA can no longer be involved in determining encryption standards.

Lily Hay Newman Lily Hay Newman

Lily Hay Newman is lead blogger for Future Tense.

The National Institute of Standards and Technology is the federal agency that determines standards for measured quantities, like the length of a second. But NIST also holds competitions to get the best cryptographers in the world to solve security problems and evaluate new encryption techniques. The agency considers the results of its competitions as it forms new encryption standards. Once those standards are published, government agencies, subcontractors, and vendors must adhere to them for digital communications and hardware/software purchases. That means they influence manufacturers, government vendors, and tons of people.

Advertisement

Until now, the NSA has been allowed to influence decisions about encryption standards. And the NSA, presumably, is interested in finding ways to circumvent the standards so it can intercept communications and data that the senders think are secure. The agency even prevailed upon NIST to publish a standard which many in the cryptography community warned had been weakened and probably contained a backdoor for easy NSA access.

Now, finally, the House Science and Technology Committee passed an amendment to the Frontiers in Innovation, Research, Science, and Technology Act this week that will keep the NSA from getting involved in NIST's encryption-standard evaluation process. As the Huffington Post points out, this may be the first time a body of Congress has approved legislation that limits the NSA's power.

Before the vote on the amendment, Rep. Alan Grayson (D-Fla.) wrote the following in a letter to the committee:

These are serious allegations. NIST, which falls solely under the jurisdiction of the Science, Space, and Technology Committee, has been given "the mission of developing standards, guidelines, and associated methods and techniques for information systems." To violate that charge in a manner that would deliberately lessen encryption standards, and willfully diminish American citizens' and business' cyber-security, is appalling and warrants a stern response by this Committee. Many businesses, from Facebook to Google, have lamented the NSA's actions in the cyber world; and some, such as Lavabit, have consciously decided to shut their doors rather than continue to comply with the wishes of the NSA. Changes need to be made at NIST to protect its work in the encryption arena.

Internally, NIST has also been working to cleanse itself by eliminating the faulty, NSA-backed encryption component from its standard. And the amendment is an important victory and a good reminder for people who may not think about cryptography every day. Weakened encryption has been one of the NSA's reliable backdoors for collecting data, and the NSA's involvement at NIST was preventing citizens and people worldwide from making informed choices about how to protect their data.

Future Tense is a partnership of SlateNew America, and Arizona State University.

Lily Hay Newman is lead blogger for Future Tense.

TODAY IN SLATE

Politics

Meet the New Bosses

How the Republicans would run the Senate.

The Government Is Giving Millions of Dollars in Electric-Car Subsidies to the Wrong Drivers

Scotland Is Just the Beginning. Expect More Political Earthquakes in Europe.

Cheez-Its. Ritz. Triscuits.

Why all cracker names sound alike.

Friends Was the Last Purely Pleasurable Sitcom

The Eye

This Whimsical Driverless Car Imagines Transportation in 2059

Medical Examiner

Did America Get Fat by Drinking Diet Soda?  

A high-profile study points the finger at artificial sweeteners.

The Afghan Town With a Legitimately Good Tourism Pitch

A Futurama Writer on How the Vietnam War Shaped the Series

  News & Politics
Photography
Sept. 21 2014 11:34 PM People’s Climate March in Photos Hundreds of thousands of marchers took to the streets of NYC in the largest climate rally in history.
  Business
Business Insider
Sept. 20 2014 6:30 AM The Man Making Bill Gates Richer
  Life
Quora
Sept. 20 2014 7:27 AM How Do Plants Grow Aboard the International Space Station?
  Double X
The XX Factor
Sept. 19 2014 4:58 PM Steubenville Gets the Lifetime Treatment (And a Cheerleader Erupts Into Flames)
  Slate Plus
Tv Club
Sept. 21 2014 1:15 PM The Slate Doctor Who Podcast: Episode 5  A spoiler-filled discussion of "Time Heist."
  Arts
Brow Beat
Sept. 21 2014 2:00 PM Colin Farrell Will Star in True Detective’s Second Season
  Technology
Future Tense
Sept. 19 2014 6:31 PM The One Big Problem With the Enormous New iPhone
  Health & Science
Bad Astronomy
Sept. 22 2014 5:30 AM MAVEN Arrives at Mars
  Sports
Sports Nut
Sept. 18 2014 11:42 AM Grandmaster Clash One of the most amazing feats in chess history just happened, and no one noticed.