Did the Department of Justice unwittingly cause the current pathetically weak condition of U.S. computer security weakness?
Some would say that the Department’s treatment of leading encryption advocate Phil Zimmerman in the 90s, the government created a sort of cloud around the use of this common sense security practice. Through threats to prosecute those who developed and distributed strong encryption, the government discouraged vendors from making their products secure.
The case of United States v. Boyajian, 2013 WL 4189649 (C.D. Cal. 2013) (summary) is a great example. The issue was whether use of encryption meant it was more likely that the defendant had committed criminal acts?
The court decided that the encryption evidence carried a substantial risk of unfair prejudice to the defendant because it tended to prove that his character was dishonest and he did not respect the law due to the suggestion that defendant had a character trait for secretively flouting rules and social norms.
Wow! If I put a lock on my front door, it means I don’t want people, especially malefactors, entering at will. It doesn’t mean I’m a criminal. Encrypting my computer is no different.
The ill-considered DOJ policies from the 90s have left a legacy of ugly attitudes that have facilitated the wave of computer crime that threatens to engulf us today.