recommended reading

Lawmakers Skeptical of FBI’s Push for Encryption Back Doors

Mark Lennihan/AP

Silicon Valley and the nation's law enforcement community are in an arms race.

Tech companies like Apple and Google want to make the data customers carry on their smartphones and computers more secure, safe from the prying eyes of spies and identity thieves alike. But law-enforcement officials—from the FBI to local police—see those same devices as treasure troves of evidence that they could be using to stop crimes and catch criminals.

As the tech giants get better at encryption, however, law-enforcement agencies are turning to Congress for help, asking lawmakers to make it mandatory for the tech companies to make their devices more accessible. FBI Director James Comey made that case personally on Thursday, saying at the Brookings Institution that police need new legislation to help them catch criminals who are using encryption to hide incriminating evidence.

Law-enforcement agencies are accustomed to getting what they want from the federal government—from new legal authority to the type of military-grade material recently on display in Ferguson, Mo. But following the broad and unflattering attention placed on government surveillance by Edward Snowden's leaks, few on Capitol Hill are demonstrating any appetite for further peeling back privacy protections.

"I'd be surprised if more than a handful of members would support the idea of backdooring Americans' personal property," Sen. Ron Wyden, an Oregon Democrat and vocal privacy advocate, said.

An aide to Senate Judiciary Committee Chairman Patrick Leahy said the senator is open to reviewing the FBI's proposal, but that right now, he's focused on passing his own bill that would rein in government spying.

And a House Democratic aide said that staffers have been in touch with the FBI on the issue but that Congress is unlikely to force technology companies to build backdoors into their networks and devices anytime soon.

"I think the combination of business and civil-liberty concerns would have made this proposal difficult to adopt even before the Snowden disclosures," the aide said. "In the middle of a surveillance-reform fight, it's just that much more complicated."

The FBI director warned Thursday that encryption technologies are allowing criminals to become "beyond the law." Even with a court order, police are unable to access information that is critical to solving crimes, he said.

"The FBI has a sworn duty to keep every American safe from crime and terrorism, and technology has become the tool of choice for some very dangerous people," Comey said in a speech at Brookings. "Unfortunately, the law hasn't kept pace with technology, and this disconnect has created a significant public-safety problem."

The Communications Assistance for Law Enforcement Act, a 1994 law known as CALEA, forces telephone companies to build surveillance technologies into their networks to allow law enforcement to install wiretaps. But the law hasn't been updated and doesn't cover new devices and online forms of communication.

Apple and Google recently announced that their new phones will feature default encryption that will make it impossible to unlock the devices for police. "Are we so mistrustful of government—and of law enforcement—that we are willing to let bad guys walk away ... willing to leave victims in search of justice?" Comey asked.

He urged Congress to update CALEA to "create a level playing field" so that companies like Google and Apple have to provide police the same access to information that telephone providers like AT&T do.

But the plan will face fierce resistance from tech companies and privacy advocates. They warn that any backdoor for law enforcement could also be exploited by hackers. Greg Nojeim, a senior counsel with the Center for Democracy and Technology, said he doubts Congress will enact legislation to make U.S. products less secure.

"Who in Europe is going to buy these newly compromised cell phones if Congress insists that they be made with backdoors for U.S. law enforcement?" Nojeim asked. "It's probably one of the worst job killers a member of Congress could propose."

A large majority of House members have already gone on the record opposing backdoor access to Americans' information. In June, the House voted 293-123 to adopt an amendment to a defense appropriations bill to cut off funds for National Security Agency projects that build vulnerabilities into security products.

Ed Black, the president of the Computer & Communications Industry Association, a lobbying group that represents Google, Facebook, Yahoo, and others, said securing customer information is a core function of technology companies. The new encryption features are more than just marketing gimmicks, he said.

"It's not like a new color on [the customer's] phone," he said. "It's something that they think is essential to protecting their freedom, their lives, and their privacy."

In his speech Thursday, Comey said he understands the need of businesses to compete overseas and that his goal isn't to "stifle innovation or undermine U.S. companies."

"But we have to find a way to help these companies understand what we need, why we need it, and how they can help, while still protecting privacy rights and providing network security and innovation," he said. "We need our private-sector partners to take a step back, to pause, and to consider changing course."

Threatwatch Alert

Thousands of cyber attacks occur each day

See the latest threats

JOIN THE DISCUSSION

Close [ x ] More from Nextgov
 
 

Thank you for subscribing to newsletters from Nextgov.com.
We think these reports might interest you:

  • It’s Time for the Federal Government to Embrace Wireless and Mobility

    The United States has turned a corner on the adoption of mobile phones, tablets and other smart devices, outpacing traditional desktop and laptop sales by a wide margin. This issue brief discusses the state of wireless and mobility in federal government and outlines why now is the time to embrace these technologies in government.

    Download
  • Featured Content from RSA Conference: Dissed by NIST

    Learn more about the latest draft of the U.S. National Institute of Standards and Technology guidance document on authentication and lifecycle management.

    Download
  • A New Security Architecture for Federal Networks

    Federal government networks are under constant attack, and the number of those attacks is increasing. This issue brief discusses today's threats and a new model for the future.

    Download
  • Going Agile:Revolutionizing Federal Digital Services Delivery

    Here’s one indication that times have changed: Harriet Tubman is going to be the next face of the twenty dollar bill. Another sign of change? The way in which the federal government arrived at that decision.

    Download
  • Software-Defined Networking

    So many demands are being placed on federal information technology networks, which must handle vast amounts of data, accommodate voice and video, and cope with a multitude of highly connected devices while keeping government information secure from cyber threats. This issue brief discusses the state of SDN in the federal government and the path forward.

    Download
  • The New IP: Moving Government Agencies Toward the Network of The Future

    Federal IT managers are looking to modernize legacy network infrastructures that are taxed by growing demands from mobile devices, video, vast amounts of data, and more. This issue brief discusses the federal government network landscape, as well as market, financial force drivers for network modernization.

    Download

When you download a report, your information may be shared with the underwriters of that document.