Orhan Cam/Shutterstock.com

The White House's Encryption Views Are All Over the Map

Some government officials are focused on catching criminals, while others worry about empowering hackers.

The wide­spread use of en­cryp­tion is mak­ing it in­creas­ingly dif­fi­cult for the gov­ern­ment to catch gang­sters, child pred­at­ors, and ter­ror­ists, a top Justice De­part­ment of­fi­cial warned Monday at a tech­no­logy-policy con­fer­ence.

“The De­part­ment of Justice is com­pletely com­mit­ted to seek­ing and ob­tain­ing ju­di­cial au­thor­iz­a­tion for elec­tron­ic evid­ence col­lec­tion in all ap­pro­pri­ate cir­cum­stances,” Leslie Cald­well, the head of the Justice De­part­ment’s Crim­in­al Di­vi­sion, said in a speech to the State of the Net Con­fer­ence. “But once that au­thor­iz­a­tion is ob­tained, we need to be able to act on it if we are to keep our com­munit­ies safe and our coun­try se­cure.”

But just minutes after Cald­well fin­ished her speech, an­oth­er top Obama ap­pointee took the stage at the New­seum in Wash­ing­ton, D.C. to de­liv­er al­most the ex­act op­pos­ite mes­sage to the audi­ence of tech-in­dustry in­siders: En­cryp­tion helps pro­tect con­sumers from hack­ers, ar­gued Ter­rell Mc­Sweeny, a Demo­crat­ic mem­ber of the Fed­er­al Trade Com­mis­sion.

“As a per­son charged with think­ing about con­sumer pro­tec­tion, I deeply worry about things like man­dat­ory back­doors,” Mc­Sweeny said. “We need to be very mind­ful of con­sumer data se­cur­ity, and we should be very, very care­ful about any­thing that un­der­mines that data se­cur­ity.”

The com­ments are just the latest ex­ample of top Obama ad­min­is­tra­tion of­fi­cials of­fer­ing con­flict­ing views on how to ad­dress the grow­ing use of en­cryp­tion, which can thwart both law en­force­ment agents and crim­in­als from gain­ing ac­cess to sens­it­ive data.

FBI Dir­ect­or James Comey ig­nited the de­bate over en­cryp­tion with a speech in 2014, in which he warned that crim­in­als are in­creas­ingly “go­ing dark” from gov­ern­ment sur­veil­lance.

The FTC is an in­de­pend­ent agency, so Mc­Sweeny isn’t re­quired to be in lock­step with the FBI or any oth­er part of the ex­ec­ut­ive branch. The com­mis­sion reg­u­lates con­sumer-pro­tec­tion is­sues, in­clud­ing pri­vacy and data se­cur­ity. But Mc­Sweeny is not the only of­fi­cial to ex­press con­cerns with policies that could weak­en en­cryp­tion.

Even Na­tion­al Se­cur­ity Agency Dir­ect­or Mike Ro­gers said last week that “en­cryp­tion is found­a­tion­al to our fu­ture” and that un­der­min­ing en­cryp­tion could lead to more massive hacks, like the breach of mil­lions of fed­er­al re­cords at the Of­fice of Per­son­nel Man­age­ment, which was al­legedly con­duc­ted by Chinese hack­ers. “Spend­ing time ar­guing about, ‘Hey, en­cryp­tion is bad and we have got to do something about it’—that is a waste of time to me,” Ro­gers said in a dis­cus­sion at the At­lantic Coun­cil. 

As the head of the NSA, Ro­gers has com­pet­ing in­terests when it comes to cy­ber­se­cur­ity. Strong “end-to-end” en­cryp­tion, in which mes­sages are in­ac­cess­ible even to the tech com­pan­ies trans­mit­ting the data, makes it harder for the NSA to con­duct sur­veil­lance. But the NSA’s mis­sion is also to pro­tect U.S. net­works from for­eign hack­ers—a job that’s made easi­er by stronger se­cur­ity meas­ures.

That ten­sion between en­sur­ing leg­al gov­ern­ment ac­cess to data while keep­ing out hack­ers is at the heart of the ad­min­is­tra­tion’s con­flic­ted ap­proach to en­cryp­tion. Most tech­no­logy ex­perts warn that any “back­door” for gov­ern­ment ac­cess can, at least in the­ory, also be ex­ploited by hack­ers.

After a lengthy in­tern­al de­lib­er­a­tion, the White House con­cluded last year that it would not ask Con­gress to pass le­gis­la­tion en­sur­ing gov­ern­ment ac­cess to en­cryp­ted data. In­stead, the White House is fo­cused on work­ing with tech com­pan­ies to try to find some oth­er vol­un­tary solu­tion to ad­dress the is­sue. Seni­or ad­min­is­tra­tion of­fi­cials, in­clud­ing White House Chief of Staff Denis Mc­Donough, met with CEOs of ma­jor tech com­pan­ies in San Jose, Cali­for­nia earli­er this month to dis­cuss en­cryp­tion (among oth­er is­sues).

But the White House’s de­cision hasn’t settled the de­bate in Con­gress. Sen­ate In­tel­li­gence Com­mit­tee Chair­man Richard Burr and rank­ing mem­ber Di­anne Fein­stein are work­ing on le­gis­la­tion to force tech com­pan­ies to com­ply with court or­ders for data. Sen. Mark Warner, a Vir­gin­ia Demo­crat, and House Home­land Se­cur­ity Chair­man Mi­chael Mc­Caul, a Texas Re­pub­lic­an, want to take a more cau­tious ap­proach and cre­ate a com­mis­sion to study the is­sue more thor­oughly.

For the pro­ponents of gov­ern­ment ac­cess to data, the ter­ror­ist at­tacks last year in Par­is and San Bern­ardino ad­ded even more ur­gency to the de­bate. Speak­ing at Monday’s tech con­fer­ence, the Justice De­part­ment’s Cald­well said that a shoot­er in Gar­land, Texas last year sent more than 100 text mes­sages to an over­seas ter­ror­ist.

“We have no idea what he said be­cause it was en­cryp­ted,” she said. “That is a big prob­lem. We have to grapple with it.”

(Image via Orhan Cam/Shutterstock.com)