Lawmakers Skeptical of FBI’s Push for Encryption Back Doors
The bureau’s director is arguing that legislation is needed to catch criminals who are using new technologies, but some in Congress disagree.
Silicon Valley and the nation's law enforcement community are in an arms race.
Tech companies like Apple and Google want to make the data customers carry on their smartphones and computers more secure, safe from the prying eyes of spies and identity thieves alike. But law-enforcement officials—from the FBI to local police—see those same devices as treasure troves of evidence that they could be using to stop crimes and catch criminals.
As the tech giants get better at encryption, however, law-enforcement agencies are turning to Congress for help, asking lawmakers to make it mandatory for the tech companies to make their devices more accessible. FBI Director James Comey made that case personally on Thursday, saying at the Brookings Institution that police need new legislation to help them catch criminals who are using encryption to hide incriminating evidence.
Law-enforcement agencies are accustomed to getting what they want from the federal government—from new legal authority to the type of military-grade material recently on display in Ferguson, Mo. But following the broad and unflattering attention placed on government surveillance by Edward Snowden's leaks, few on Capitol Hill are demonstrating any appetite for further peeling back privacy protections.
"I'd be surprised if more than a handful of members would support the idea of backdooring Americans' personal property," Sen. Ron Wyden, an Oregon Democrat and vocal privacy advocate, said.
An aide to Senate Judiciary Committee Chairman Patrick Leahy said the senator is open to reviewing the FBI's proposal, but that right now, he's focused on passing his own bill that would rein in government spying.
And a House Democratic aide said that staffers have been in touch with the FBI on the issue but that Congress is unlikely to force technology companies to build backdoors into their networks and devices anytime soon.
"I think the combination of business and civil-liberty concerns would have made this proposal difficult to adopt even before the Snowden disclosures," the aide said. "In the middle of a surveillance-reform fight, it's just that much more complicated."
The FBI director warned Thursday that encryption technologies are allowing criminals to become "beyond the law." Even with a court order, police are unable to access information that is critical to solving crimes, he said.
"The FBI has a sworn duty to keep every American safe from crime and terrorism, and technology has become the tool of choice for some very dangerous people," Comey said in a speech at Brookings. "Unfortunately, the law hasn't kept pace with technology, and this disconnect has created a significant public-safety problem."
The Communications Assistance for Law Enforcement Act, a 1994 law known as CALEA, forces telephone companies to build surveillance technologies into their networks to allow law enforcement to install wiretaps. But the law hasn't been updated and doesn't cover new devices and online forms of communication.
Apple and Google recently announced that their new phones will feature default encryption that will make it impossible to unlock the devices for police. "Are we so mistrustful of government—and of law enforcement—that we are willing to let bad guys walk away ... willing to leave victims in search of justice?" Comey asked.
He urged Congress to update CALEA to "create a level playing field" so that companies like Google and Apple have to provide police the same access to information that telephone providers like AT&T do.
But the plan will face fierce resistance from tech companies and privacy advocates. They warn that any backdoor for law enforcement could also be exploited by hackers. Greg Nojeim, a senior counsel with the Center for Democracy and Technology, said he doubts Congress will enact legislation to make U.S. products less secure.
"Who in Europe is going to buy these newly compromised cell phones if Congress insists that they be made with backdoors for U.S. law enforcement?" Nojeim asked. "It's probably one of the worst job killers a member of Congress could propose."
A large majority of House members have already gone on the record opposing backdoor access to Americans' information. In June, the House voted 293-123 to adopt an amendment to a defense appropriations bill to cut off funds for National Security Agency projects that build vulnerabilities into security products.
Ed Black, the president of the Computer & Communications Industry Association, a lobbying group that represents Google, Facebook, Yahoo, and others, said securing customer information is a core function of technology companies. The new encryption features are more than just marketing gimmicks, he said.
"It's not like a new color on [the customer's] phone," he said. "It's something that they think is essential to protecting their freedom, their lives, and their privacy."
In his speech Thursday, Comey said he understands the need of businesses to compete overseas and that his goal isn't to "stifle innovation or undermine U.S. companies."
"But we have to find a way to help these companies understand what we need, why we need it, and how they can help, while still protecting privacy rights and providing network security and innovation," he said. "We need our private-sector partners to take a step back, to pause, and to consider changing course."
NEXT STORY: Here Comes the Army Cyber Battle Lab