Modern field guide to security and privacy

After Paris attacks, lawmakers seek greater access to encrypted data

However, some senators want to avoid a 'knee-jerk' response to give law enforcement and intelligence agencies a power they say could harm all consumers’ security and privacy.

|
Kevin Lamarque/Reuters
Flags flew at half staff Monday on the National Mall as a mark of respect for victims of the Paris attacks.

Even though it's unclear whether Islamic State attackers relied on encrypted communications to plot the Paris attacks, many US lawmakers want law enforcement officials to be able to more easily access secure messages happening via commonly used smartphones and apps.  

"In the last 10 days, we’ve had almost 500 people killed as a direct result of terrorism. At some point, this administration has to have a commitment to defeat terrorism, and it’s going to start with better intelligence, as we have seen from the Paris attacks," said Senate Intelligence Committee Chairman Richard Burr (R) of North Carolina.

"And that’s going to require us to look inside, when needed, terrorists’ conversations and communications," he said. "Encryption has been a problem, will continue to be a problem, and that problem will grow."

The White House conducted an extensive policy review on ways to deal with the increasing prevalence of end-to-end encryption in everyday devices such as the iPhone, ultimately deciding earlier this fall to back away from loud calls from law enforcement and intelligence officials for legislation to force companies to unlock what they deemed "warrant-proof" encryption.

Senior officials such as FBI Director James Comey insisted that strong encryption endangers the agency's ability to track dangerous criminals and terrorists. Yet security pros, tech companies, and privacy advocates recoiled at the idea of building what they call a "backdoor" into American products, insisting it would put all consumers’ security and privacy at risk and make customers less likely to buy US devices.

While the White House chose to hold off, the intelligence community’s top lawyer, Robert Litt, noted in an August e-mail obtained by The Washington Post that, while the “legislative environment is very hostile today, it could turn in the event of a terrorist attack or criminal event where strong encryption is shown to have hindered law enforcement." There is value, Mr. Litt wrote, in "keeping our options open for such a situation."

The office of the Director of National Intelligence declined to comment for this story, but the Paris attack – and other Islamic State threats on cities such as Washington – is already prompting senators to call on the White House to revisit the issue.

"Don’t you think that post Paris [the White House] should look into this again and make sure we are doing everything we can to protect our country?" said Sen. Kelly Ayotte (R) of New Hampshire, a member of both the Armed Services and the Homeland Security Committee. “The President should come to us with what he needs to make sure we have the intelligence to protect our country…. With a subpoena – or a warrant, depending on the circumstances – law enforcement should have access to these encrypted devices so that we can keep the country safe."

Chairman of the Senate Armed Services Committee Sen. John McCain (R) of Arizona says he will hold hearings to examine possible legislative fixes. "It’s a national security issue," he said. "I don’t know what the answer is, that’s why we have to have hearings. But the situation now where they have the ability to go to a secure site is unacceptable."

It’s not just Republicans clamoring for a debate.

"Technology is leaping ahead of our capacity," Minority Whip Richard Durbin (D) of Illinois said on the Senate floor. "We are told by our agencies in government that, to keep America safe, we have to deal with encryption standards today.... Put in new standards so we can deal with the encryption where terrorists are hiding their communications from our surveillance, even under court order." 

While unnamed officials quoted in major media outlets say encryption likely played a role in the Islamic State’s planning, there has been no official confirmation or details about what kind of devices or apps they may have used. US law enforcement and intelligence agencies are so far not willing to comment on record about the attack’s impacts on the encryption debate at home. This, of course, could change once there’s concrete evidence about communications techniques from the investigation. 

Even so, the deployment of encryption on consumer technology has many supporters on and off Capitol Hill. While the terrorist attack in Paris might prompt a debate on the merits of encryption, it remains to be seen whether this latest Islamic State attack will tip the scales in favor of national security over strong measures to protect online privacy and individual security as the drumbeat of high-profile data breaches continues.

Civil liberties advocates have recently gained political clout in the wake of the Edward Snowden leaks, which has also prompted consumer giants such as Apple to increase the use of encryption on its iPhones. What's more, the House of Representatives approved a measure to ban the government from forcing tech companies to place "backdoors" into encrypted devices as part of an appropriations bill. 

Cybersecurity experts hailed the White House’s decision to back away from a policy that would require companies to change security measures to accommodate US law enforcement requests. Most digital security experts and privacy advocates say there’s no way to create a channel for the US without creating a "backdoor" that could be exploited by criminal hackers or nation-states. 

Even now, after the Paris attacks, some civil liberties advocates on the Hill, such as Sen. Ron Wyden (D) of Oregon warn against hasty policy reactions to a tragedy. "It’s important to be very careful about some of these knee-jerk approaches that don’t give you more security and put at risk your liberty,” said Senator Wyden, a member of the Intelligence Committee.

And even if US authorities were to force American tech companies to decrypt secure communications, Wyden said militants could find other options to secretly communicate. "Requiring companies to weaken their technology when terrorists can fairly easily obtain advanced encryption technology products around the world doesn’t make much sense to me."

 

You've read  of  free articles. Subscribe to continue.
Real news can be honest, hopeful, credible, constructive.
What is the Monitor difference? Tackling the tough headlines – with humanity. Listening to sources – with respect. Seeing the story that others are missing by reporting what so often gets overlooked: the values that connect us. That’s Monitor reporting – news that changes how you see the world.

Dear Reader,

About a year ago, I happened upon this statement about the Monitor in the Harvard Business Review – under the charming heading of “do things that don’t interest you”:

“Many things that end up” being meaningful, writes social scientist Joseph Grenny, “have come from conference workshops, articles, or online videos that began as a chore and ended with an insight. My work in Kenya, for example, was heavily influenced by a Christian Science Monitor article I had forced myself to read 10 years earlier. Sometimes, we call things ‘boring’ simply because they lie outside the box we are currently in.”

If you were to come up with a punchline to a joke about the Monitor, that would probably be it. We’re seen as being global, fair, insightful, and perhaps a bit too earnest. We’re the bran muffin of journalism.

But you know what? We change lives. And I’m going to argue that we change lives precisely because we force open that too-small box that most human beings think they live in.

The Monitor is a peculiar little publication that’s hard for the world to figure out. We’re run by a church, but we’re not only for church members and we’re not about converting people. We’re known as being fair even as the world becomes as polarized as at any time since the newspaper’s founding in 1908.

We have a mission beyond circulation, we want to bridge divides. We’re about kicking down the door of thought everywhere and saying, “You are bigger and more capable than you realize. And we can prove it.”

If you’re looking for bran muffin journalism, you can subscribe to the Monitor for $15. You’ll get the Monitor Weekly magazine, the Monitor Daily email, and unlimited access to CSMonitor.com.

QR Code to After Paris attacks, lawmakers seek greater access to encrypted data
Read this article in
https://www.csmonitor.com/World/Passcode/2015/1117/After-Paris-attacks-lawmakers-seek-greater-access-to-encrypted-data
QR Code to Subscription page
Start your subscription today
https://www.csmonitor.com/subscribe