Skip to main content
banner image
venafi logo

Encryption Stories That Caught Our Eye | June 14

Encryption Stories That Caught Our Eye | June 14

Encryption, encryption backdoor, HIPAA
June 14, 2019 | Katrina Dobieski


Government rumblings and a HIPAA scandal have pushed themselves to the forefront of our encryption discussion this week. As we review the 2015 terrorist-linked San Bernardino shootings, former FBI administrator Jim Baker speaks out as to why law enforcement should be allowed access into phones and personal encrypted technology. In China, amidst a flourishing of state-run encryption research, 80% of surveyed citizens report being involved in a data breach. And, if you’ve ever worked with personal medical information, you’ve signed a HIPAA waiver, but what happens when those who comply with HIPAA fail to comply with encryption? Dig in to the encryption stories that are shaping our world today.



The FBI and Apple’s Encryption

Transcript: Jim Baker | The Oath with Chuck Rosenberg

Former general counsel of the FBI, Jim Baker oversaw the FISA (Foreign Intelligence Surveillance Act) division at the Department of Justice and had a leading role in the investigation of the 2015 terrorist-linked San Bernardino, CA shootings.

During the 2015 case, leads had come to a standstill as all investigators were staring blankly at a locked iPhone with no way in. Tips had led them to find reason to search the phone for any communication prior to the shootings, and FBI agents had obtained a proper warrant. However, in light of the locked phone they were unable to go any further and so took their quandary to Apple who resisted the warrant.

Find out how the FBI bypassed Apple’s encryption and how that sets a precedent for future investigations – or doesn’t. Read the full article.

Read related posts


HIPAA Breach Settles for $1M in First Settlement Involving State Attorneys General

The sensitive medical data of over 3.5 million people was recently compromised in a breach that service provider Medical Informatics Engineering, Inc. (MIE) didn’t do enough to prevent.

An Office for Civil Rights (OCR) investigation revealed that a mandatory comprehensive risk analysis had not been done prior to the attack. Remediation was well timed, as a related data breach had occurred within the company, spurring the first lawsuit of its kind based on a HIPAA violation. In addition to nearly a million dollars in payouts, MIE will be required to implement a security package that can spot a cybersecurity attack and will now “install technology to prevent data exfiltration.”

One of five implicating factors brought up by state attorneys in the determination of MIE’s status was that the company charged with the protection of millions of users’ electronic protected health information (ePHI) “failed to use encryption.” Read the full article 

Read related posts.


The Encryption Debate in China

A new government-sponsored study reveals trouble in China, when it comes to encryption.

Every province in People’s Republic of China has its own cryptography administration, while the state-run encryption agency falls under the direct purview of the Chines Communist Party General Office. There are differentiating laws on what is now considered “core encryption,” “common encryption” and “commercial encryption”. In the past several years, The National Information Security Standardization Technical Committee has enacted over 300 national cybersecurity standards, and in 2007 another state-run agency was created solely to promote cryptographic research.

That being said, 80% of Chinese survey participants recently reported being victims of a data leak. Chinese journalists purchased black market personal information at reasonable prices and “[n]otably, no major Chinese app utilizes end-to-end encryption.”

Will tech giants and the metastasizing digital transformation be enough to sway the encryption debate in China, or will the stalemate between state and personal privacy continue to allow cybercriminals to access the same backdoors? Read the full article.



Read related posts

Like this blog? We think you will love this.
Featured Blog

With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play

Massive heist begins with

Read More
Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

Subscribe Now

See Popular Tags

You might also like

TLS Machine Identity Management for Dummies

TLS Machine Identity Management for Dummies

Certificate-Related Outages Continue to Plague Organizations
White Paper

CIO Study: Certificate-Related Outages Continue to Plague Organizations

About the author

Katrina Dobieski
Katrina Dobieski

Katrina writes for Venafi's blog and helps optimize Venafi's online presence to advance awareness of Machine Identity Protection.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more