Legislative proposals should avoid simply shifting responsibility from the app developer who knows their customer and content best to the app stores that distribute them.
Today, the European Commission issued its first fines under the controversial Digital Markets Act.
These couple weeks have proven to be a powerful reminder of the power of encrypted messaging apps, and the equally significant harm to national security when someone unwittingly gains access to important private conversations.
The need for the world’s leading executives and government national security experts to weigh in on non-security “civil” legislation stands on its own as an imperative.
The Washington Post reported in February that the U.K. government issued a “secret order” that “demanded that Apple create a back door allowing them to retrieve all the content any Apple user worldwide has uploaded to the cloud.”
While the immediate order is centered on Apple’s cloud data, the U.K.’s order for blanket access to encrypted material raises broader questions about its applicability to other companies and its potential to undermine end-to-end encryption, a critical tool businesses and consumers broadly rely upon today to keep their devices, services and data safe.
By any account, the transatlantic relationship appears to be at a low point. From trade and economics to matters of war and peace, the United States and Europe are in an apparent period of disunity not seen in decades.
However, there is one area where there appears to be more alignment than one might expect: cybersecurity.
Many people may have missed it, but just ahead of the holidays, the European Commission proposed specific new interoperability mandates under the Digital Markets Act
This week’s global IT crisis affecting businesses around the world should be a wake up call to us all. DMA requirements for mandatory third party access to the operating system will make personal smartphones and tablets vulnerable to new and currently unimaginable emerging threats.
Last March, in the forward to the White House Cybersecurity strategy, the President wrote, “[W]hen we pick up our smart phones to keep in touch with loved ones, log on to social media to share our ideas with one another, or connect to the Internet to run a business, we need the ability to trust that the underlying digital ecosystem is safe, reliable, and secure.”
We’ve previously explained the many challenges European regulators face in implementing the Digital Markets Act (DMA), especially as it relates to the security consequences of downloading mobile apps from untrusted sources. In this piece, we go deeper to examine lessons from a similar well-meaning approach and architecture from the 1990’s — a technology framework called ActiveX that enabled software applications to be downloaded from third-party sources to bridge the gap that separated web pages from Microsoft’s operating system.