Cyber Round Up: Obama Administration and Smartphone Encryption, Forcing Suspects to Reveal Phone Passwords is Unconstitutional, China Cybersecurity Agreement Will Leave U.S. Companies Vulnerable

• The Obama Administration Explored ways to Bypass Smartphone Encyryption (The Washington Post):  An Obama administration task force explored available options to allow law enforcement to access encrypted communications, according to the article.  The Washington Post reported that the task force developed a set of principles to guide the use of, and access to encrypted information which included: (1) no bulk collection of information, and (2) no [single] “golden keys”.  The article indicates that the task force also engaged with intelligence agencies and federal law enforcement (LE) and developed four potential solutions (all of which would require a court order):

(1) Encrypted LE port: Providers add a physical encrypted port to their devices that utilized an independent set of keys that would be used by LE;
(2) Spyware Updates: Would require companies to send malicious software updates (spyware) to a customer’s device which would allow LE to access the device;
(3) Split golden-keys: Would require companies to develop a “golden key” and then split that key into multiple keys which could be re-combined and used by LE; and
(4) Forced Backup: Would required companies to upload data from encrypted  devices to unencrypted backups.

The full article can be found here.

• Forcing Suspects to Reveal Phone Passwords is Unconstitutional, Court Says (ARS Technica):  A Federal District Court judge in the Eastern District of Pennsylvania, ruled that forcing suspects to provide the passcode to their locked mobile devices is a violation of the Constitutional right against self-incrimination under the fifth amendment, according to the article.  ARS Technica reports that in 2012, the U.S. Court of Appeals of the 11th circuit ruled similarly when finding that forcing a suspect to decrypt password-protected hard disk drives (HDD) would be a fifth amendment violation.  The full article can be found here.
• China Cybersecurity Agreement Will Leave U.S. Companies Vulnerable (The Street):  Any cybersecurity agreement brokered between the U.S. and China is simply a token accord with no real substance, according to the article.  The Street reports that President Xi Jinping needs U.S. support to help revive China’s GDP which is part of the issue since China leverages its cyber initiatives in order to help achieve the same overall goal.  Consequently, while President Xi needs to strengthen trade and forestall the application of any U.S. sanctions against China, it is unlikely that China will abandon their sophisticated and organized cyber initiatives over the long-term, according to the article. The full text of the article can be found here.