Cryptography Control: FBI Wants It, but Why?

To hear the FBI tell it, unless Congress acts soon to stop the proliferation of strong encryption - the technique for scrambling computer data - the government will lose its ability to understand wiretapped communications and investigate crime.

This isn't the first time the FBI has made such a claim. In a secret briefing in 1992, the FBI told senior government officials that, in the best-case scenario, by 1995 the bureau would be unable to decipher 40 percent of wiretapped conversations because of encryption.

But in 1994 an assistant attorney general admitted to Congress that the FBI had not encountered a single case of encrypted telecommunications. And today the Bureau has faced only a handful of cases where encryption stymied wiretaps.

That didn't stop FBI director Louis Freeh from testifying last month that "widespread use of unbreakable encryption is one of the most difficult problems confronting law enforcement" and urging restrictions on the deployment of cryptography lest the ability to "investigate and prevent the most serious crimes and terrorism" be impaired.

Where exactly does wiretapping fit in the law-enforcement arsenal? In 1996 there were only about 1,500 legal wiretaps used in investigations, but more than 33,000 federal prosecutions and a larger number of state ones. Mr. Freeh points to a handful of crucial cases that he says show the value of the government surveillance tool: the New York City group that set out to bomb the Lincoln and Holland Tunnels, cases involving organized crime leaders, and the case of CIA-officer-turned-Russian-spy Aldrich Ames. Freeh repeatedly emphasizes the importance of wiretapping in preventing terrorism and investigating kidnapping.

YET, a close investigation of the claims shows otherwise. In the New York City bombing case, body mikes, not wiretaps, were used to gather evidence. Encryption would not have affected the investigation or prosecution. And the case of crime boss John Gotti, as well as a similar one in Philadelphia, turned on electronic bugs, not wiretaps. Encryption would similarly have had no effect there.

Wiretaps also could not have prevented the Oklahoma City bombing - the FBI had no idea that anything of that nature was in the works. Government investigators did put wiretaps on afterward, which the defense then employed in an attempt to debunk the prosecution's chief witness, Michael Fortier.

As for kidnapping cases, between 1968-93, wiretapping was used in only two or three cases a year. If a family cooperates with the police, wiretapping is unnecessary; police can do a "consensual overhear" from the family's house. Encryption plays no role at all.

Wiretaps were used in the Ames case, but they revealed little more than that the spy's wife knew of his activities. And the FBI's claims in this case ring more than a little hollow: Last spring the Department of Justice issued a report concluding that the FBI bungled things by not properly investigating Ames years earlier.

Experts and even former law enforcement officials increasingly believe that these concerns must be weighed against the important benefits that cryptography provides. A panel of the National Academy of Sciences, whose members included a former US attorney general and a former deputy director of the National Security Agency, concluded that "on balance, the advantages of widespread use of cryptography outweigh the disadvantages."

Of course, a society in the information age needs to protect all sorts of communications - businesspeople sending faxes and e-mail abroad, politicians using cellular phones to plot strategy, doctors communicating with hospitals, even family members talking with one another.

Despite this, the Clinton administration has pressed for limiting the use of encryption, even while businesses and citizens are increasingly at risk of eavesdropping by foreign governments and industrial spies.

It may be hard for the FBI to imagine having evidence it cannot completely understand because it is enciphered. But to make public policy subservient to the FBI's concerns is to ignore the greater evidence about the limited role of wiretapping and the growing importance of cryptography to protect public safety.

* Susan Landau is research associate professor of computer science at the University of Massachusetts at Amherst. Whitfield Diffie is distinguished engineer at Sun Microsystems. Their book, "Privacy on the Line: the Politics of Wiretapping and Encryption," will be published by M.I.T. Press in January 1998.

You've read  of  free articles. Subscribe to continue.
QR Code to Cryptography Control: FBI Wants It, but Why?
Read this article in
QR Code to Subscription page
Start your subscription today