The Great Encryption Debate Flares After Paris Attacks
Privacy advocates considered it a victory when the Obama administration reportedly shelved plans last month to push tech companies to make their users’ encrypted data open to law enforcement inspection. Now, following last week’s terror attacks in France, the White House is once again pressuring Silicon Valley to make their customers’ communications easier to monitor.
Although French officials have presented no evidence that the Paris terrorists used encrypted messaging tools for planning, U.S. authorities have seized the opportunity to argue that law enforcement is hamstrung by current practices.
Tech companies insist that strong encryption protects users by preventing criminals, hackers, and spies, from prying into private conversations. Law enforcement officials, on the other hand, have contended that the risk of “going dark”—being blocked from reading these communications—creates a national security threat.
The great encryption debate has drawn supporters to both sides. In one corner, Apple (AAPL) CEO Tim Cook, Dell CEO Michael Dell, and many technologists, have promoted strong encryption as being in the public’s best interest. On the other side are FBI Director James Comey, Sen. John McCain (R-Ariz.), BlackBerry (BBRY) COO Marty Beard, and others, who say that it obstructs officials who need insight into encrypted channels for investigations.
Legislators on Capitol Hill have begun pressing the issue more vociferously after the Islamist attacks in the French capital. This week, Senate Intelligence Committee Chairman Richard Burr told the Hill that the strikes were “a wake-up call for America and for our global partners” and that strongly encrypted systems make “us blind to the communications and to the actions of potential adversaries.”
Sen. McCain also told reporters that “we’re going to have legislation” and that the current paradigm is “unacceptable.”
In fact, reports suggest that the Paris attackers may have communicated in the clear, sans encryption, through SMS messaging. The contents of a mobile phone reportedly recovered from the scene, plus an eyewitness tip, seems to have helped the Parisian police locate the alleged orchestrator of the plot, Abdelhamid Abaaoud, a known operative of the self-declared Islamic State.
Big tech companies are pushing back against the renewed interest by U.S. authorities to weaken encryption, although they are wary of coming across as brash or uncaring after the Paris killings left more than 120 dead. An industry group representing companies like Apple, Google (GOOG) and Microsoft (MSFT) released a statement to that effect on Thursday.
“We deeply appreciate law enforcement’s and the national security community’s work to protect us, but weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy,” said Dean Garfield, president and CEO of the Information Technology Industry Council. “Weakening security with the aim of advancing security simply does not make sense.”
Meanwhile, the office of Cyrus Vance, the Manhattan district attorney, has issued a report urging Congress to pass measures that would let law enforcement officers bypass encryption. The authors of the white paper wrote that “it is a government’s principal responsibility to keep its residents safe, and that a government cannot fulfill that responsibility if huge amounts of vital information directly related to public safety are inaccessible to the government.”
Comey, the FBI director, has said that the tenor of the encryption talks has changed since he last pushed law enforcement’s position, reports Politico. “My sense is the venom has been drained out of the conversation, that people understand that we are not some kind of maniacs who are ideologues against encryption,” he said. “We support encryption, but we have a problem that encryption is crashing into public safety and we have to figure out, as people who care about both, to resolve it. So, I think the conversation’s in a healthier place.”
Nevertheless, a number of technologists and privacy advocates note that strong encryption technology is, for the most part, open and available to anyone, and that imposing regulations on U.S. corporations may hurt their business interests at home and abroad, as well as render consumers more vulnerable to digital attacks.
There is no telling which way the winds will blow as they rekindle a debate many thought had been extinguished.
Follow Robert Hackett on Twitter at @rhhackett. Read his cybersecurity, technology, and business coverage here. And subscribe to Data Sheet, Fortune’s daily newsletter on the business of technology, where he writes a weekly column.
For more on ISIS, watch the video below: