Tech companies' announcement of new encryption policies prompts pushback from law enforcement
Last month, Google and Apple both announced that their next mobile operating systems would encrypt user data by default. Both Google and Apple also noted that the new forms of encryption would make it impossible for the companies to "unlock" encrypted phones, including in order to comply with lawful search warrants. These announcements have prompted officials to express concern about the risk that encryption will interfere with government's ability to investigate crime.
In response to Apple's and Google's respective announcements, FBI Director James Comey suggested that the new default encryption was being marketed "expressly to allow people to place themselves beyond the law." In an event at the Center for National Policy, White House cybersecurity czar Michael Daniel acknowledged that while "encryption is a best practice in cybersecurity," government is concerned about the threat that information would be "completely beyond the reach of law enforcement." And in a speech at the Brookings Institution last week, Comey spoke extensively of the threat of "going dark" — the risk that law enforcement would not be able to "access the evidence we need to prosecute crime and prevent terrorism even with lawful authority."
Prompted by the Google and Apple announcements, critics of encryption-by-default have urged companies to retain a method to decrypt communications and platforms in the case of a lawful investigation–a so-called "backdoor." Currently, however, while telecommunications providers are required to maintain interception capabilities, they are not required to decrypt communications, and most electronic communication service providers are not required to maintain interception capabilities at all. At Brookings, Comey called for legislative action "so that all communication service providers are held to the same standard."
No legislation has yet been proposed. But supporters of strong encryption point out that the "backdoors" that government is seeking are vulnerable to abuse by foreign intelligence agencies, hackers, and other nefarious actors. In his remarks at Brookings, Director Comey acknowledged that there is a "non-zero" risk associated with building any backdoor.
Strong encryption undergirds many of the lawful tools that journalists use to protect their sources and themselves. Many journalists use PGP to encrypt their email, off-the-record chat to communicate with sources, and apps like Signal and Redphone to encrypt voice calls. Journalists who cover sensitive beats or who work in conflict zones routinely rely on these and other encryption-based tools to protect themselves from surveillance. As Director Comey acknowledged in his speech, and as others have recognized, mandating the implementation of backdoors in encrypted technologies could affect the security of those tools.