McCain exhorts Silicon Valley to play ball on 'going dark' issue

Sen. John McCain (R-Ariz.) has a blunt message for technology firms reluctant to heed Washington's call to find a workaround to end-to-end encryption: Get with the program.

In a Feb. 5 op-ed in Bloomberg View, the Senate Armed Services Committee chairman called industry executives' objections to weakening encryption "ideologically motivated and profit-driven, though not without merit."

"By speaking in absolute terms about privacy rights, they bring the discussion to a halt, while the security threat evolves," McCain wrote.

He added that the warnings from top cryptologists that giving law enforcement a backdoor into encrypted communications could have adverse security effects are reasonable but "not the end of the analysis."

McCain's editorial marks another turn in the often freighted conversation between Washington and Silicon Valley about the so-called going dark challenge, in which law enforcement officials cannot access the communications of suspected criminals and terrorists, even with a warrant.

FBI Director James Comey raised his concerns in October 2014 after Apple and Google announced they were including default encryption as the default setting on mobile operating systems. The conversation gained vehemence after the terrorist attacks in San Bernardino, Calif., and Paris last year, though there is scant evidence that advanced encryption tools helped facilitate those attacks.

McCain juxtaposed the Islamic State group's physical conquests with those he said the terrorist organization has made in cyberspace. The Obama administration decided last year to drop its pursuit of a legislative fix to end-to-end encryption, choosing instead to enlist industry executives' support voluntarily. For McCain, that is not enough.

He suggested that Congress consider a bill that would require U.S. telecommunications firms to "adopt technological alternatives that allow them to comply with lawful requests for access to content, but that would not prescribe what those systems should look like." McCain said the bill could mirror one enacted in 1994 that required telecom carriers to be capable of being wiretapped by law enforcement.

A McCain spokesperson did not answer questions about whether the senator plans to introduce such a bill and how the bill might incentivize technology firms to offer something other than default encryption. McCain "continues to consider all options and work with other senators and Senate committees to address this issue," the spokesperson said.

Rep. Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) have proposed creating a commission of technologists, privacy activists and law enforcement officials to tackle the challenge. Legislation to set up the commission is expected soon.

Meanwhile, Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.), chairman and vice chairwoman of the Senate Select Committee on Intelligence, respectively, are working on their own legislation to give law enforcement access to encrypted communications.

Peter Singer, a senior fellow at New America who has consulted for the U.S. military and the FBI, was unimpressed by McCain’s op-ed. "It is this classic tone-deaf approach of politicians continually calling for some kind of magical solution to an actual technology policy problem, which so frustrates Silicon Valley in their D.C. interactions," Singer told FCW.

Singing a different tune

McCain's frank message for industry executives contrasts with the way he and other policymakers in Washington have courted Silicon Valley to work more closely with the Pentagon.

That courtship has taken on a sense of urgency as defense officials talk openly about what they see as the country's eroding technology advantage in the face of advancements by Russia, China and others. Defense Secretary Ash Carter has sought to rejuvenate DOD's relationship with startups by opening an outreach office in Silicon Valley.

In a June 2015 op-ed in Wired, McCain argued that the fiscal 2016 National Defense Authorization Act he helped craft would encourage startups to work with DOD by making acquisition regulations less cumbersome. The bill has since become law and includes several measures aimed at bolstering the way the Pentagon acquires cyber capabilities.

Justin Johnson, a senior policy analyst at the Heritage Foundation, said a rapid-acquisition provision in NDAA opened the door for closer collaboration between DOD and Silicon Valley and could prove to be a useful tool.

Nonetheless, it is likely too early to tell if overtures to Silicon Valley are bearing fruit in the form of defense contracts with startups, Johnson told FCW. "That takes longer to figure out but is also the most important part," he said.