April 2016: Decoding the Encryption Debate

Washington Watch | April 2016
By Bruce Moyer

A battle is brewing on Capitol Hill about how the government should respond to encryption technology that helps criminals and terrorists avoid detection and surveillance. The debate pits the CEOs of Silicon Valley’s biggest tech firms against top officials in our law enforcement and national security agencies. At issue is the use of encrypted apps on smartphones, like WhatsApp and Telegram, that prevent government authorities from gaining access to data messages on those phones.

The ability of persons to “go dark” by encrypting their communications poses “one of the greatest counterterrorism challenges of the 21st century, and it is one of the biggest fears that keeps me up at night,” says Rep. Mike McCaul (R-Texas), chair of the House Homeland Security Committee. FBI Director James Comey agrees. Comey was among the first to raise concerns about the challenges that end-to-end encryption creates for law enforcement and national security, even before the Paris terrorists used encrypted apps to communicate with one another in planning their attacks. Even afterward, encryption can continue to undermine investigative efforts. According to media reports, the FBI is still trying to find a way to access the 109 messages that are locked inside the phone a terrorist used to communicate with an ISIS operative in Syria before opening fire at the Prophet Muhammad cartoon expo in Garland, Texas, in May last year.

Turning the Tables on Law Enforcement
The roots of the encryption issue lie in Apple’s announcement in September 2015 that its new operating system for smartphones and tablets would employ encryption to make all data on its devices completely inaccessible without a passcode. Google soon thereafter announced it would do the same on its devices too. Since then, full-disk encryption of data on a device at rest has dramatically turned the tables for law enforcement in their efforts to find evidence of many crimes, including murder, sexual assault, and terrorism.

Technology once again has leap-frogged the law. In the nondigital world, evidence of crimes kept in desks, closets, and safes traditionally has been accessible to law enforcement through a search warrant issued by a neutral judge. Access to an encrypted smartphone with stored evidence of a crime, however, is unavailable to the government, even with a search warrant, when the government lacks the passcode to an encrypted phone. A search warrant is not enough to permit the government to compel a defendant to provide the passcode, precedent holds, for First Amendment self-incrimination reasons. That has led some law enforcement officials to call for guaranteed access to encrypted devices through a specially created portal in devices and operating systems, popularly called a “back door,” that would permit the government, with a warrant, to unscramble messages if and when it needed to. Senators Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) are working on a bill to require that tech companies maintain the ability to decrypt data when compelled by a court order.

Will Encryption Strengthen Security or Weaken It?
Calls for back-door access to encrypted phones have been resisted by a range of interests, including technology companies, privacy proponents, and even some former national security officials. They worry that any back door used by law enforcement officials could also be exploited by hackers, cybercriminals, and others. Former National Security Agency Director Mike Hayden and Rep. Will Hurd (R-Texas), a former CIA officer, oppose policies that weaken encryption, because they say they will only diminish cybersecurity, reduce privacy, and make things worse. Legislating encryption standards might “do more harm than good” in the fight against terrorism, Senate Homeland Security Committee Chairman Ron Johnson (R-Wisc.) has said.

The encryption debate is certain to carry into 2017, beyond this year’s election politics. More time for thoughtful attention is necessary. Some officials, like House Homeland Security Chairman Michael McCaul (R-Texas), have called for the creation of a national commission to recommend solutions. McCaul and Sen. Mark Warner (D-Va.), a member of the Senate Intelligence Committee, have introduced legislation that would create a commission made up of Silicon Valley experts, federal law enforcement, the intelligence community, and others to make recommendations to Congress. But a commission approach will take too long, some believe. Ultimately, a commission would be a small start. A compromise between the tech companies and law enforcement authorities on a workaround to encryption in time-sensitive, terrorism-related circumstances remains the answer.
Bruce Moyer is government relations counsel for the FBA. © 2016 Bruce Moyer. All rights reserved.


Connect With Us...