Deputy Attorney General Rod Rosenstein is urging U.S. companies to be forthright in sharing encrypted data and information related to cyber incidents with the Department of Justice (DoJ).
During a Monday speech, Rosenstein pushed for greater conversation on public-private partnerships to combat future cyber threats and expressed his aim to combat the issue of “going dark,” where businesses withhold from law enforcement encrypted data that is required as evidence in a crime.
“I encourage you to carefully consider your company’s interests and how you can work cooperatively with us. Although encryption can help secure your data, it may also prevent law enforcement agencies from protecting your data,” said Rosenstein while addressing the North American International Cyber Summit in Detroit.
Rosenstein called for responsible encryption where companies have full authority over their information, but retain the capability to provide DoJ with unencrypted copies of data.
“The problem is especially critical because electronic evidence is necessary for both the investigation of a cyber incident and the prosecution of the perpetrator. If we cannot access data even with lawful process, we are unable to do our job. Our ability to secure systems and prosecute criminals depends on our ability to gather evidence,” said Rosenstein.
The deputy attorney general cited a need for greater cooperation between the private sector and DoJ to build unilateral action against future cyber threats.
Industry has a responsibility to inform law enforcement when it falls victim to a cyber incident, and to cooperate in handing over the evidence necessary to pursue an investigation. Rosenstein touted DoJ’s ability to help businesses by sharing contextual information on related incidents, ensuring proper preservation of evidence, and prosecuting cyber actors.
“I occasionally hear that business executives do not feel comfortable reporting cyber incidents to law enforcement. Undoubtedly, the decision to notify law enforcement of a cyber-attack and to cooperate fully in an investigation involves a certain risk-reward calculation weighing the anticipated benefits of a proactive approach against potential legal, reputational, and other costs,” said Rosenstein. “But I want to emphasize how important it is to report cyber incidents as quickly as possible. Your actions, together with law enforcement’s help, could disrupt and deter those who would launch the next attack. A collaborative approach will be more effective than merely trying to avoid becoming the next victim.”