FBI director insists Silicon Valley can solve the encryption dilemma – if they try hard enough
On Wednesday, the US Senate Judiciary Committee got to hear from FBI director James Comey and DOJ Deputy Attorney General Sally Quillian Yates on how end-to-end encryption employed by certain companies (but mostly Apple) is becoming a problem for law enforcement’s investigations.
Waving the threat of ISIS and terrorism before the Committee, Comey in particular chose not to believe that cryptographers, technologists and security experts know what they are talking about, and said that the companies have probably not tried hard enough to come up with a viable answer on how to provide access to law enforcement, but keep criminals out.
He then admitted to not knowing enough about the technology to come up with a realistic proposal, but he said he was sure that brilliant US technologist can do it.
“We want to work with the communications providers to find a way with them to get access to the information we need … while protecting privacy. We want to have each provider think about and work out a way where they will find a way to respond to these requests,” Quillian stated, and again asked for Sillicon Valley companies to come up with an answer – or scrap end-to-end encryption altogether.
According to The Intercept, both she and Comey said that if the companies voluntarily refused or made it impossible to give access to law enforcement, they should have to be forced to do so by law.
It’s interesting that both of them didn’t provide concrete numbers and examples of when encryption thwarted their agencies’ investigations. New York district attorney Cyrus Vance did, and it turns out that the number is extremely small. He also didn’t confirm whether the fact that they couldn’t access the information in the encrypted phones ultimately resulted in the failure of an investigation or in getting a conviction.
So, the “going dark” argument was very weak, but that didn’t stop them from trotting it out.
Also, Comey admitted that the US likely couldn’t force developers of tools produced outside of the country to give them access.
The committee members are divided on the issue, some accepting Comey’s and Quillian’s point of view, and others, like Senator Ron Wyden, not.
He said that he believes that the debate is slowly heading towards proposals for encryption key escrow schemes (stockpiled either by the companies themselves or third parties), but that this idea is “a big time loser”.
“It’s a loser on security, a retreat on privacy, and will do great damage to our technology industry; I hope we don’t go there,” he concluded.
Apparently, Senator Dianne Feinstein, head of the Committee, was interested in the idea and asked Wyden where he got it from, making it obvious that she isn’t familiar with the flawed proposals of over 20 years ago, and hasn’t read the aforementioned paper compiled by security and cryptography experts.