Matt Blaze | Written testimony before the House Committee on Government Reform Subcommittee on Military and Foreign Affairs | April 2, 2025

Blaze nails the cost/(dis-)benefit analysis of drilling holes in everyone’s privacy, trust & integrity to satisfy a niche use case, although I feel he leaves too much wiggle room and risk open in conflating E2EE, Signal, and “off by default” surveillance of telecom switches:

Needless to say, court-authorized wiretaps are an important tool used by law enforcement to investigate crime. But telecommunications services are deeply integrated into the fabric of the digital lives of almost every American, the vast majority of whom will never be the subject of a criminal or national security investigation … Requiring new services to be engineered with wiretapping as a central requirement is dangerous, and requiring wiretap interfaces to be present in every switch serving every customer is effectively an open invitation to foreign adversaries. At a minimum, CALEA should be revised incorporate rigorous security testing, reviewed on an ongoing basis and as new services and equipment are introduced. And the capabilities should be required to be off by default, rather than enabled even in facilities where no wiretaps are active.

https://oversight.house.gov/wp-content/uploads/2025/04/Blaze-Written-Testimony.pdf

Via: https://www.threads.net/@jlorenzohall/post/DIP5qbJOLNx

#endToEndEncryption #MattBlaze #saltTyphoon