If you tuned into a talk by Michael Rogers, director of the National Security Agency, at the Atlantic Council in Washington, D.C., this week, you might think the NSA had begun to change its tune about encryption—the technology favored by Apple and its Silicon Valley brethren to scramble users' data and communications (much to criminal investigators' chagrin), making them unintelligible to spies and hackers alike.
Rogers, who also heads the U.S. Cyber Command, surprised some commentators with a number of strong assertions about strong crypto that day. His statements could make a privacy advocate's heart swoon: "Encryption is foundational to the future," he said, adding that no one should expend a breath debating the point. Doing so, he stressed, would be a "waste of time." (Fast-forward to around 25:30 in this video clip posted to the think tank's website.)
Roger's remarks do not, in fact, indicate that he has bailed on his quest to gain access to people's encrypted data. To be sure, the intelligence boss' stance is entirely consistent with views he has expressed in the past—as well as with ones propounded by other members of the law enforcement set. For instance, James Comey, who heads the Federal Bureau of Investigation (and who is often painted as an encryption bogeyman), told the Senate last year that "it is important for our global economy and our national security to have strong encryption standards." That doesn't mean either doesn't still want access, of course.
For more on encryption, watch:
Rogers' posturing calls to mind other statements he's made on the national stage. “Strong encryption is in our nation’s best interest,” he said at a Wall Street Journal conference last fall, as Fortune's Kia Kokalitcheva reported. He then clarified, as my colleague paraphrased, that "he means strong, not full encryption of email and online files. The nuance is that strong encryption would still give his agency access to user information while full encryption would make the data unreadable." Strong versus full, huh?
Actually, no policy change has taken place. The government top dogs still seek entrée into encrypted data—even as other countries, such as the Netherlands and France, have scrapped plans to mandate that "backdoor" vulnerabilities be built into tech products. The only difference is that the Feds have begun to refine their talking points in such a way as not to cause a stir, as happened almost a year ago at a New America Foundation conference on cybersecurity, in which Alex Stamos, Facebook's security chief (then Yahoo's chief information security officer), went toe to toe with the admiral. (Not to mention Apple CEO Tim Cook's relentless criticism of the pro-crypto-cracking cohort.)
No, the NSA has remained on message. It is just getting better, perhaps, at encoding its intent.