Cisco: In 2016, uncertain tides for Safe Harbor and encryption
The future of Internet governance — nationally and internationally — is murky, warns Cisco in its 2016 annual cybersecurity report, with the future of the U.S.-E.U. data transfer Safe Harbor unclear and the continuing fight between law enforcement and tech companies over strong, end-to-end encryption.
The report, released Tuesday, outlines Cisco’s view of the cybersecurity landscape last year, including major trends in cybercrime, like the growth in ransomware; samples opinion from industry executives; and turns the telescope toward 2016 in a series of predictions.
A chief concern for the IT sector in the coming year, it states, will be data transfer regulation.
“In the post–Edward Snowden era, the geopolitical landscape for Internet governance has changed dramatically,” the report declares. “There is now pervasive uncertainty surrounding the free flow of information across borders.”
[Read more: U.S. and E.U. get deadline for new Safe Harbor agreement]
The report cites the landmark decision by the Court of Justice of the European Union last October to overturn the Safe Harbor agreement with the U.S., as well as the flurry of calls from U.S. officials to arm intelligence agencies with encryption keys as evidence that the expected “Safe Harbor 2.0” agreement will face a rocky road to legislative success.
In the interim, organizations have embraced a nebulous class of alternatives that may face their own legal scrutiny, the report’s authors warn.
“Companies are now forced to rely on mechanisms and legal safeguards other than Safe Harbor when transferring data out of the EU to the United States — which are, in turn, subject to investigation. Data companies are still trying to assess the fallout from this move,” the report states.
This lack of order has had governments on both sides scrambling toward a Safe Harbor replacement for the past two years, yet in its report Cisco cites mounting “concerns about the anticipated new mechanism” among industry representatives who speculate that it will be “no less controversial than its predecessor,” and could potentially face a similar fate: being tossed out by a court.
November’s terrorist attacks on Paris and growing international security fears may also impact the Safe Harbor process, as more lawmakers and citizens call for private companies to allow intelligence agencies to peak past end-to-end encryption in efforts to stymie attack plots. The bright spot? Cisco experts say that the strong encryption push could give “additional momentum” to Safe Harbor 2.0, as “civil liberties concerns take a back seat to security concerns.”