FBI Director Argues Private Companies Shouldn’t Decide Encryption Debate
A key lawmaker questioned whether the Justice Department’s position is at odds with the Defense Department’s.
FBI Director Christopher Wray presented the House Judiciary Committee with a nuanced stance on encryption when pressed to square the bureau’s position on the issue with that of the Defense Department.
In 2016, the FBI faced off against Apple in court over getting access to the locked phone of a shooter who killed 14 people in San Bernardino, California, so investigators could look for additional digital evidence. Apple, however, argued there was no way to allow law enforcement access without compromising the security of all users’ communications.
Since then, the FBI and law enforcement agencies have pushed tech companies to create access—some have referred to this as a “backdoor”—to communications sent using end-to-end encryption. This use of encryption shields messages from anyone other than the sender and intended recipients.
“It seems from the various statements we’ve seen that the FBI is taking one position and the Department of Defense is taking the opposite position,” Committee Chairman Jerry Nadler, D-N.Y., said to Wray, citing an October letter Defense Chief Information Officer Dana Deasy sent to Rep. Ro Khanna, D-Calif.
The letter, which Khanna forwarded to Senate Judiciary Chairman Lindsey Graham, R-S.C., in December, stressed the importance of “strong encryption” for protecting Defense’s information and resources.
The FBI’s agenda has generally been supported by law and order Republicans such as Graham. But the House hearing saw the agency’s pleas for the ability to thwart sex traffickers, perpetrators of hate crimes, and other criminals also garnering sympathy from at least one Democrat.
“When it comes to domestic terrorism and hate crimes and right-wing extremist nationalist groups, antisemetic groups out here using encryption to organize, to plan and then to conduct operations that actually result in people being killed and injured and you’re doing it in a way that you cannot be surveilled, you cannot be held to account in any way after the fact for what you did,” Rep. Henry Johnson, D-Ga., said, “I think that is a danger to our society.”
Democracy and civil liberties organizations argue end-to-end encryption is necessary to protect individuals’ privacy. The organizations appealed to Facebook to resist pressure from law enforcement to discontinue its plans to institute such encryption across its messaging services in an October letter.
“Speaking on Facebook’s plans to encrypt its messaging services, you said this would be a ‘dream come through for predators and child pornographers,’ that is, if they were able to encrypt without a backdoor,” Nadler said starting his questions for Wray.
But while Wray generally confirmed his comment, he denied using the term “backdoor.”
“We don’t think we’re asking for a backdoor, but the first part of what you said is correct,” Wray told Nadler, adding, “I don’t think the Department of Defense is taking a position on what Facebook should be doing about its messaging platform, and I would tell this committee the FBI believes strongly in encryption. We, after all, have a cybersecurity mission.”
Wray’s written testimony shows he was prepared to respond to questions regarding a fine line the FBI is walking in its push for lawmakers to do something about individual companies making decisions about whether law enforcement should be allowed to have information necessary to thwart criminals, including hackers.
“We continue to embrace the use of strong encryption within our most critical sectors and infrastructure,” reads Wray’s testimony, echoing the language in Defense’s letter.
Deasy also distinguished between personal devices and those issued by the government, noting the department’s mandatory security practices described in the letter apply only to the latter.
Wray’s written testimony urged lawmakers to “seek a solution that allows us to protect our nations’ most vulnerable while at the same time addressing the equities of the larger national security community.”
In an October essay, Jim Baker, former counsel for the FBI who argued the agency’s case in court against Apple, wrote: “I am unaware of a technical solution that will effectively and simultaneously reconcile all of the societal interests at stake in the encryption debate, such as public safety, cybersecurity and privacy as well as simultaneously fostering innovation and the economic competitiveness of American companies in a global marketplace.”
The FBI appears to be referring to a policy solution—rather than a technical one—that could potentially ban certain companies from using end-to-end encryption. However, as policymakers debate whether the social media platforms that house so many communications should be considered critical infrastructure, that is no less controversial.
In this second round of the old debate pitting privacy against security, the FBI is appealing to lawmakers on behalf of society’s most vulnerable.
“We have to have mechanisms to allow lawful access to protect flesh and blood Americans,” Wray said during the hearing. “Right now, even as we speak, … the National Center for Missing and Exploited Children gets about 18 million tips a year related to child exploitation, and some vast swath of those comes from Facebook.”
“If Facebook moves forward with the plans they have at the moment, we will be blinded,” he said. “They will blind themselves and law enforcement no matter what process this committee comes up with to allow us access to that content. I don’t think that’s a decision Facebook or any one company should be making on behalf of the American people.”