As Donald Trump fills out national security and law enforcement posts in his new cabinet, the future of encryption may hang in the balance.
On the campaign trail, the president-elect was a committed foe of cop-proof encryption systems that shield customer communications even from the communications provider.
Most prominently, he urged supporters to boycott Apple over the company’s refusal to help the FBI bypass a security feature that prevented cracking into the encrypted iPhone used by San Bernardino shooter Syed Farook.
» Get the best federal technology news and ideas delivered right to your inbox. Sign up here.
Supporters of strong encryption are also aware the president-elect has reined in some of his more controversial positions. They’re watching closely to see if his encryption stance may soften once he’s in the White House.
“I think that’s going to be a prominent topic for a lot of the individuals engaged with the new administration, to make sure there’s a full understanding of the impact [of the encryption debate],” Ann Barron-DiCamillo, former director of the Homeland Security Department's Computer Emergency Response Team told Nextgov. “Understanding that impact and not just talking about it during a campaign is a very different place.”
The encryption debate has been at a slow burn since March. That’s when the FBI backed away from its standoff with Apple after an unnamed third party helped the bureau crack into the San Bernardino phone for a hefty fee.
In the wake of that standoff, Senate Intelligence Chairman Sen. Richard Burr, R-N.C., and ranking member Sen. Dianne Feinstein, D-Calif., floated draft legislation in April that would compel tech companies to help law enforcement access customer communications when presented with a warrant—essentially, the position Apple was in.
That bill, which was never formally introduced, stopped short of mandating a government backdoor into encrypted communications FBI Director James Comey has advocated for.
President Barack Obama refused to publicly come down on either side of the encryption debate, saying you “can’t take an absolutist view.”
Encryption advocates are concerned a crisis similar to the Apple-FBI standoff could thrust the debate back into the spotlight but with an executive branch unified on the side of forcing tech firms to help law enforcement.
“I think the worst case scenario is the Burr bill comes back up and it garners significant support and, unlike the last administration, we have a White House that’s wholeheartedly in support,” said Gabe Rottman, deputy director of the Center for Democracy and Technology’s Freedom, Security and Technology Project.
“There’s certainly the fear that there is another crisis and measures like this will slip through without appropriate deliberation because of fear and anxiety,” he added.
Congress, which was also fiercely divided during the Apple dispute, may feel pressure to fall in line, said Evan Geer, campaign director with Fight for the Future, a web freedom advocacy group that organized nationwide protests during the Apple-FBI standoff.
“The reality is, we’re sort of constantly in crisis on this,” Geer said. “The entire election season was dominated by news of leaked information, hacks of private emails. All of these things are fueling a general sense in Congress that ‘the cyber is dangerous and we have to do something about it.’ There’s almost nothing in the world more dangerous than a bunch of politicians sure they should do something about something they don’t understand.”
Some of Trump’s cabinet picks advocate for more measured approaches, however, giving tech executives and security advocates hope the incoming president might temper his position.
Trump’s pick for CIA chief, Rep. Mike Pompeo, R-Kan., urged Apple to cooperate with the FBI in the San Bernardino case, but also criticized calls for the government to mandate law enforcement backdoors into encrypted communications saying such laws would simply drive terrorists and criminals to non-American encryption systems.
A rumored prospect to lead DHS, Rep. Mike McCaul, R-Texas, authored compromise legislation at the height of the Apple dispute that would create a nonpartisan commission of academics, experts and business officials to examine long-term encryption tradeoffs between cybersecurity, national security, privacy and civil liberties.
McCaul, who chairs the House Homeland Security Committee, co-sponsored the legislation with Sen. Mark Warner, D-Va., who will replace Feinstein as ranking member on the Senate Intelligence Committee next Congress and could act as another check on encryption subverting legislation.
Trump’s pick to lead the Justice Department, Sen. Jeff Sessions, R-Ala., seemingly took a harder line, telling Bloomberg at the height of Apple’s encryption standoff that law enforcement’s ability to access encrypted communications was a “life and death” issue and that Apple CEO Tim Cook did not understand the stakes.
Encryption supporters are also trying to nudge the president-elect.
The Internet Association, a tech lobbying group that counts Google and Amazon among its members, sent a letter to the president-elect this month urging him to support strong encryption among other priorities. BSA | The Software Alliance, which represents Microsoft and IBM among others, released a set of encryption principles the following day.
The Information Technology Industry Council, which represents Google, Facebook and Amazon among others, predicted a likely government effort to undermine encryption in a post-election letter to members shared with Nextgov.
“The tech sector will need to undertake an early and concerted education effort to demonstrate how weakening encryption is also a matter of personal and national security,” the letter stated.