The year of encryption is upon us
Wed, 01/08/2020 – 22:30
1969 will forever be known as the year humans walked on the moon. Gary Ross Dahl rocked the world again in 1975 with the introduction of the Pet Rock. And MTV celebrated the moon landing and popular culture – and changed the music world – when it launched in 1981.
The world remembers 1989 as the year the Berlin Wall fell, opening the door to a unified Germany. It’s hard to forget 2008, the year the financial crisis hit. And 2015 was the year of the millennial, when this group surpassed baby boomers as the biggest U.S. generation.
Each year has its defining moments and trends. And 2020 will be the Year of Encryption.
Here’s why: Encryption is a key technology in protecting sensitive information such as social security numbers, government IDs and financial data. It is also an important part of personal data privacy – a key consumer and compliance concern. Given the importance of encryption it is also a subject of debate at the U.S. state and federal level and elsewhere in the world.
The CCPA will help educate the public on consumer privacy, cybersecurity and encryption
The nation’s most populous state kicked off 2020 with the 2020 California Consumer Privacy Act (CCPA). As of Jan. 1, 2020, California residents have greater control over their personal data.
Under the CCPA, organizations are required to disclose what data they have about California residents who request that information. Companies must delete the information of California residents who ask them to do so. And Californians can forbid organizations from sharing their data with other entities.
Residents of the Golden State also now have the right to bring action for statutory damages if their information is subject to a data breach. But, notably, they can do so only in cases in which their personal information is nonencrypted and nonredacted.
That is likely to prompt more organizations to employ encryption technology. So is the fact that the CCPA will make consumers more informed about personal data privacy.
Renewed federal efforts will drive debate around encryption, putting it in the spotlight
Lawmakers in the U.S. and elsewhere are also fueling discussion and new action around encryption. In Washington, D.C., there’s a new push to require the tech community to create encryption backdoors allowing government entities access to the information. Senators are pushing tech companies to give law enforcement personnel access to encrypted data for investigations into criminal and terrorist organization. The challenge with any “backdoor” is that there is the possibility a nefarious organization can also discover and utilize the backdoor for access to sensitive information — undermining the purpose of encryption.
Meanwhile, government leaders from Australia, the U.K. and U.S. are urging Facebook to abandon encryption plans. They sent Mark Zuckerberg an open letter in October voicing their concerns and making this request.
GDPR will keep the conversation going, too, with Brexit adding new fuel to the fire
Then there’s the General Data Protection Regulation (GDPR). GDPR has been around for several months now. But many organizations are still implementing and fine-turning their compliance strategies around this relatively new requirement. And some strategies leverage encryption.
Also, the significant GDPR fines regulators are levying for non-compliance continue to generate headlines and calls for better solutions. The fact that Brexit appears to be moving forward is also creating new conversations around GDPR. Businesses are wondering how the U.K.’s withdrawal from the European Union will impact GDPR requirements in the UK and how to respond.
Encryption could help address concerns about the elections
Four years have passed since the Cambridge Analytica-Facebook scandal and other election meddling activities came to light. Yet concerns remain about how the country can ensure fair elections in 2020 and beyond.
Following the 2016 election, WIRED magazine ran a story with this headline: “For the Next Election, Don’t Recount the Vote. Encrypt It.” And, a couple of months ago, the Massachusetts Institute of Technology debuted a cryptographic voting system. Whether and when government leaders decide to employ encryption remains to be seen. (If they plan to use it for the elections, they better move fast, as primaries begin next month.)
In any case, one thing seems certain: encryption in 2020 will be more readily understood, discussed and debated than ever before. And that’s a good thing.
Welcome to the Year of Encryption.
*** This is a Security Bloggers Network syndicated blog from Drupal blog posts authored by peter-galvin. Read the original post at: https://www.ncipher.com/blog/year-encryption-upon-us