Barr Calls For An End to ‘Warrant-Proof’ Encryption

Attorney General William Barr on Tuesday railed against “warrant-proof” encryption tools and argued society should accept the security risks of building backdoors in encryption software.

By making it harder for law enforcement to apprehend terrorists, drug traffickers, murderers and other criminals, encryption tools are transforming cyberspace into a “law free” zone where wrongdoers can act with impunity, Barr said at the International Conference on Cybersecurity in New York City. Though the digital economy, personal privacy and cybersecurity have all benefited from encryption, he said, its unfettered use is having an outsized negative impact on public safety.

His speech, which repeated many of the government’s long-standing complaints about the tech, renews a debate that’s driven a wedge between the law enforcement community and tech sector for years. The remarks come a month after Politico reported the Trump administration was considering legislation that would outlaw encryption tools that are inaccessible to law enforcement.

“As this debate has dragged on and deployment of warrant-proof encryption has accelerated, our ability to protect the public from criminal threats is rapidly deteriorating,” Barr said in his prepared remarks. “The status quo is exceptionally dangerous, unacceptable and only getting worse. It is time for the United States to stop debating whether to address it and start talking about how to address it.”

Law enforcement and the tech industry have butted heads over encryption for years, but the dispute came into the spotlight following two high-profile terrorist attacks in 2015. In both shootings—one in San Bernardino, Calif., and the other in Garland, Texas—investigators were unable to access attackers’ digital communications due to encryption, and tech companies wouldn’t help them decode the messages. Since then, law enforcement officials have repeatedly called for a mechanism that allows them to access the devices of criminals who have “gone dark.”

But for the most part, U.S. tech companies have refused to play ball. Building a so-called “backdoor” into encryption tools would weaken the overall software, they argue, making it easier for cybercriminals or foreign spies to access the devices as well.

In his speech, Barr dismissed these concerns, claiming many companies have been able to avoid breaches while maintaining access to encrypted communications. And even if backdoors led to a slight decrease in security, he said, the benefits would outweigh the costs.

“Some [companies] argue that, to achieve at best a slight incremental improvement in security, it is worth imposing a massive cost on society in the form of degraded safety,” he said in his prepared remarks. “This is untenable.”

While Barr didn’t announce any new legislation or policy measures, he said it would be best for the tech industry to get on board with the Justice Department before “a crisis” strikes.

Following the attorney general’s speech, Sen. Ron Wyden, D-Ore., one Capitol Hill’s most outspoken privacy advocates, delivered an impassioned speech on the Senate floor condemning Barr’s remarks as “deeply flawed” and arguing the Trump administration would abuse encryption backdoors for political gain.

“Banning encryption in America will not stop bad guys from using encryption, it will not ban basic math and algorithms elsewhere in the world,” Wyden said. “It will only leave Americans less secure against foreign hackers, and … it will leave Americans less secure against intrusions by an administration that has shown [it is] willing to support lawless measures.”

Other tech industry experts echoed similar arguments.

In a statement to Nextgov, Tommy Ross, senior policy director at the industry trade group BSA | The Software Alliance, argued law enforcement should focus on working with companies to improve their ability to circumvent encryption technology instead of weakening the tools themselves.

“Attorney General Barr has done little more than repeat the time-worn arguments against communications security that have been coming from the FBI,” Greg Nojeim, senior counsel and director at the Center for Democracy and Technology’s Freedom, Security & Technology Project, said in a statement. “Nowhere does he acknowledge the exploitation of unencrypted metadata to solve crimes, or the success of third-party contractors in exploiting even the most sophisticated encryption available in consumer devices.”