There he goes again … FBI Director James Comey was in New York last week, seeking to exploit the tragic attacks in Paris to further his campaign to force Apple, Google, Facebook, and others to hand over the keys to their encryption technology. He claims law enforcement is “going dark” because the “bad guys” are using encryption.
As recently as last month, the FBI seemed to be walking back from their demands that companies install a back door or otherwise weaken the encryption of their consumer products in the face of opposition from privacy and civil liberties advocates and tech companies.
But emails leaked by the Washington Post last summer indicate that the intelligence community was really just lying in wait for something like the Paris attacks to give them an opening.
Although “the legislative environment is very hostile today,” the intelligence community’s top lawyer, Robert S. Litt, said to colleagues in an August e-mail, which was obtained by The Post, “it could turn in the event of a terrorist attack or criminal event where strong encryption can be shown to have hindered law enforcement.”
There is value, he said, in “keeping our options open for such a situation.”
And, their accomplices, Senators McCain (R-AZ) and Feinstein (D-CA) are ready to help. McCain has promised hearings and legislation, while Senator Feinstein set to work demonizing U.S. tech companies:
“If you create a product that allows evil monsters to communicate in this way, to behead children, to strike innocents, whether it’s at a game in a stadium, in a small restaurant in Paris, take down an airliner, that’s a big problem.”
Leaving aside the actual FACT that the terrorists in France were communicating in the open without encryption, here’s why it doesn’t make sense to force U.S. tech companies to provide backdoors:
1. Encryption is a safeguard against repression
It doesn’t take much imagination to understand how a “golden key” or backdoor into devices and communications could be used by authoritarian regimes to spy on their people, including political adversaries and minorities. But we shouldn’t be sanguine about that tool in the hands of U.S. law enforcement and intelligence agencies, which have demonstrated a willingness to circumvent the Fourth Amendment time and again to take aim at political adversaries and minorities.
2. Outlawing encryption is like “trying to outlaw math”
Congress can force Google and others to weaken encryption, but it can’t force firms in other countries to follow suit, nor can it prevent terrorists from developing their own encryption. Open Technology Institute’s Kevin Bankston noted that “Any attempt to mandate back doors or prohibit the technology altogether would basically amount to trying to outlaw math, and any attempt to do so will fail to make us safer against terrorism, while making us all much less safe online and also threatening our digital economy.”
3. Encryption makes us more secure
The threat from hackers is real. When Senator Feinstein was trying to get the Cybersecurity Information Sharing Act enacted, she declared “it’s impossible to overstate this threat: Trillions of dollars, the private data of every single American, even the security of critical infrastructure like our power grid, nuclear plants and drinking water are all at risk.”
Forcing U.S. companies to offer only weak encryption that law enforcement can break “will certainly leave millions of everyday consumers more vulnerable to much more common threats than terrorists: hackers and identity thieves,” according to the Los Angeles Times and a range of security experts.
4. Our vast surveillance state is not going dark
Intelligence agencies in the U.S. and elsewhere are not going dark. Not by any stretch of the imagination. They continue to hoover up our phone and email metadata, track our movements via automatic license plate readers and Stingray devices, infiltrate our social change movements, and monitor our religious activity. Our intelligence agencies continue to operate on a “collect it all” footing and are, in fact, overwhelmed by all the data they collect. The much bigger problem is the inability to analyze and make use of all the information they have.
Last spring, BORDC/DDF joined with other civil society groups to ask President Obama to oppose mandatory back doors to encrypted devices and communications: