DOJ Makes Another Plea for Encryption Backdoors
While officials have long framed end-to-end encryption as an impediment to fighting terrorism, the department is now focusing on its impacts on child sex abuse.
Senior Justice Department officials on Friday made another plea to the tech industry to do away with end-to-end encryption, a digital security measure they argue is allowing child sexual exploitation and other criminal activity to flourish online.
By rendering digital communications and other data virtually inaccessible to law enforcement officers, such encryption schemes have turned the internet into a “lawless space” where nefarious actors can commit crimes while evading detection, officials said during a summit at the agency’s D.C. headquarters. While encryption is critical to protecting personal data safe, they said, law enforcement agencies should be able to obtain that information under certain circumstances.
Government leaders and technologists have frequently butted heads over the creation of so-called “backdoors,” which would theoretically allow law enforcement to access encrypted communications if permitted under a warrant. While the government argues such measures are essential to prosecuting digital crimes, tech companies say backdoors would undermine privacy and security for their users and leave them vulnerable to hacks or surveillance.
Law enforcement agencies have historically framed the technology as an impediment to fighting terrorism, but on Friday, officials focused on its impact on child sexual abuse. The event, which featured speeches from Attorney General William Barr, FBI Director Christopher Wray and other high-ranking officials, comes on the heels of a New York Times report that detailed how child predators increasingly rely on encrypted platforms to share images and videos of their victims.
“While we should not hesitate to deploy encryption to protect ourselves from cyber criminals, this should not be done in a way that eviscerates society’s ability to defend itself against other types of criminal threats,” Barr said during his keynote address. “In other words, making our virtual world more secure should not come at the expense of making us more vulnerable in the real world.”
During the event, officials argued essentially the same point that law enforcement officials have made for years regarding end-to-end encryption: its adverse impacts on society outweigh its benefits. Barr said such measures may bring “incremental” improvements to digital security, but platforms shouldn’t optimize for privacy at the expense of other variables.
“The externalities of achieving that isolated goal at all costs are just unacceptably high,” he said, adding that companies should explore encryption schemes that allow for law enforcement access without diminishing privacy.
However, technologists see this as an untenable argument.
“Once there’s the ability for the technology to be breached for good and for bad, it will be breached for both good and bad,” Joel Wallenstrom, CEO of the encrypted messaging platform Wickr, said in a conversation with Nextgov.
End-to-end encryption is already developed, so today it’s impossible to put the genie back in the bottle, according to Wallenstrom. If one platform weakens its encryption to allow law enforcement access, criminals would quickly move to another site that doesn’t, he said, and those other platforms likely wouldn’t be as cooperative with officials as big companies like Facebook. The tech industry must work closely with the government to combat digital crime, he said, but investing in new cryptography and law enforcement technology is a better path forward than dismantling existing encryption tools.
“I think at the end of the day, when you start saying that the answer is to take steps backwards from innovation, history doesn’t prove that to be a successful strategy,” Wallenstrom said.
On Thursday, Barr and other high-ranking U.S. and foreign government officials sent a letter pressuring Facebook to build a backdoor into the encryption the company plans to roll out on its messaging services. Law enforcement officials received 12 million reports of child abuse material being shared on Facebook Messenger last year, but they argue that if end-to-end encryption is rolled out, users could still send illicit material to each other but neither the platform nor law enforcement could see it.
On Friday, dozens of tech advocates came out against officials’ request, though Facebook itself has no plans to comply.
“Ahead of our plans to bring more security and privacy to our messaging apps, we are consulting closely with child safety experts, governments and technology companies and devoting new teams and sophisticated technology so we can use all the information available to us to help keep people safe,” a company spokesperson said in a statement to Nextgov. “We strongly oppose government attempts to build backdoors because they would undermine the privacy and security of people everywhere.”
NEXT STORY: The Hidden Dangers in Your Phone Number