Weekly Byte: The Encryption Debate
In a speech from the Oval Office on Sunday, President Obama called on technology companies to work more closely with law enforcement. While he didn’t elaborate on this comment, many interpreted it to be a reference to the ongoing debate about encryption that companies like Google, Apple, and Facebook use to protect their users’ content. The purpose of this blog isn’t to debate politics, but these comments did remind me of how convinced I am that at pMD, we took the right approach in using the strongest possible encryption technology when we were building our HIPAA compliant messaging product.
Wikipedia defines encryption as “the process of encoding messages or information in such a way that only authorized parties can read it.” In practice, this means that only the sender and recipient(s) of a pMD message can read its content. To anyone else, including a pMD developer, the bytes that represent the message just look like gibberish. It’s not possible to decipher them.
When we were building our secure messaging product, it would have been a lot easier and faster to store messages and attachments either unencrypted, or using a weak encryption algorithm. However, both pMD as a whole, and especially our development organization, believe that the right thing to do for our users is rarely the easiest. So we took the best approach for our customers and used the strongest encryption techniques available. We even went as far as removing the default restriction that Java, one of the primary programming languages we use, imposes on maximum encryption strength so that we could use something stronger.
We’ll continue to make our users’ privacy and security a central theme of all the development work we do at pMD. We don’t take that responsibility lightly. And, while the political debate around encryption looks like it will rage on for some time to come, I sleep better at night knowing how we’ve chosen to safeguard our customers’ data.
Wikipedia defines encryption as “the process of encoding messages or information in such a way that only authorized parties can read it.” In practice, this means that only the sender and recipient(s) of a pMD message can read its content. To anyone else, including a pMD developer, the bytes that represent the message just look like gibberish. It’s not possible to decipher them.
When we were building our secure messaging product, it would have been a lot easier and faster to store messages and attachments either unencrypted, or using a weak encryption algorithm. However, both pMD as a whole, and especially our development organization, believe that the right thing to do for our users is rarely the easiest. So we took the best approach for our customers and used the strongest encryption techniques available. We even went as far as removing the default restriction that Java, one of the primary programming languages we use, imposes on maximum encryption strength so that we could use something stronger.
We’ll continue to make our users’ privacy and security a central theme of all the development work we do at pMD. We don’t take that responsibility lightly. And, while the political debate around encryption looks like it will rage on for some time to come, I sleep better at night knowing how we’ve chosen to safeguard our customers’ data.
