Yahoo exec grills NSA director over ‘backdoor’ access to private data

National Security Agency (NSA) Director Michael Rogers (Reuters/Joshua Roberts)
Yahoo’s chief information-security officer attacked the NSA's director over building “backdoors” to allow government spying on selected users. Mike Rogers defended the practice, saying it should be done within a “legal framework.”

READ MORE:Obama touts cyber plan, but is Silicon Valley ready?

“It sounds like you agree with [Federal Bureau of Investigation Director James] Comey that we should be building defects into the encryption in our products so that the US government can decrypt,” Yahoo’s chief information-security officer, Alex Stamos, said during the 'Cybersecurity for a New America: Big Ideas and New Voices' conference.

Rogers cut the question off, saying: “That would be your characterization.”

Stamos then proceeded further, asking the NSA director whether US tech firms should also build backdoors for foreign countries requesting access to private data.

The Just Security blog published the full transcript of the exchange, which can be viewed here.

“If we’re going to build defects/backdoors or golden master keys for the US government, do you believe we should do so — we have about 1.3 billion users around the world — should we do for the Chinese government, the Russian government, the Saudi Arabian government, the Israeli government, the French government? Which of those countries should we give backdoors to?” Stamos asked.

READ MORE: Google warning: FBI wants to hack any computer in world

Rogers ignored the question and veered off topic by discussing the feasibility of creating a way for the NSA to gain access to encrypted information.

“My position is — hey look, I think that we’re lying that this isn’t technically feasible. Now, it needs to be done within a framework. I’m the first to acknowledge that. You don’t want the FBI and you don’t want the NSA unilaterally deciding, so, what are we going to access and what are we not going to access? That shouldn’t be for us. I just believe that this is achievable,” Rogers said.

During the question-and-answer period, Rogers tried to reassure everyone that backdoor access to data held by US companies is not harmful to privacy and does not have to compromise encryption.

“‘Backdoor’ is not the context I would use, because when I hear the phrase ‘backdoor’ I think: ‘Well this is kind of shady, why wouldn’t you want to go in the front door, be very public?’” Rogers said. “We can create a legal framework for how we do this.”

Washington has been fighting off criticism from other tech firms about its attempts to gain access to private user data. Just over a week ago, Apple chief executive Tim Cook criticized the White House Summit on Cybersecurity and Consumer Protection at Stanford University, stating that people in “positions of responsibility” must work to protect privacy, not steal it.

On February 13, US President Barack Obama appeared at Stanford University, urging the nation’s top tech companies to endorse the administration’s plan for enhanced cybersecurity.

The address came in the wake of a series of damning attacks that have crippled the networks and systems of private businesses in recent months – including those of Target, Home Depot, and Sony Pictures Entertainment.

READ MORE:Apple security flaw could be a backdoor for the NSA