Should Federal
Government surveillance agencies and law enforcement at all levels have access
to cleartext versions of everyone’s and anyone’s personal electronic
communications, even if they are deeply encrypted and beyond the reach of curious
officials’ technical capabilities?
Or, put another way,
should the government be able to prohibit the sale and use of “unbreakable,”
end-to-end encryption, unless it comes with a “back-door” that enable government
to decrypt the encrypted messages it collects?
Tim Cook, CEO of Apple,
says the answer is an emphatic "No."
Four days after the
terrorist attacks in Paris, on November 17, 2015, after being briefed by Obama
Administration officials including Assistant Secretary of State Victoria Nuland on the U.S. role in the aftermath of these attacks,
Richard Burr (R-NC), Chair of the U.S. Senate Intelligence Committee, and
Vice-Chair Diane Feinstein (D-CA) spoke to reporters. They addressed the issue of end-to-end encryption
several times in their remarks.
Their approaches spanned a range between looking into the
question and forcing private companies that provide these powerful encryption
technologies “to change their business models.”
Here’s more of what
they had to say:
Senator Burr:
“There’s a likelihood that this attack was ISIL-directed. It
is likely that encryption, end-to-end encryption was used to communicate
between those individuals in Belgium, in France and in Syria. It’s a wake-up
call for America and our global partners that globally we need to begin the
debate on what we do on encrypted networks, because it makes us blind to
communications and to the actions of potential adversaries. The vice chairman
and I committed to our membership that we would start this debate sooner rather
than later and I think this is not just a debate to happen within the United
States, this is a debate we will have with our international partners.”
Senator Feinstein:
“…it’s causing a great deal of alarm among people who want
their government to keep people safe and we want to keep people safe. And only
good intelligence is going to keep people safe. So as the chairman pointed out,
a lot of the communication between these networks is encrypted. Even simple
commercial products that you can buy encrypt the conversation and some of them
encrypt it in a way that even with a court order, you can’t break into it. So
good intelligence from people in communities all over, I think is extremely
important."
Senator Burr:
“… It still happened and it happened while the entire
world’s intelligence communities looked for it. Though we don’t have the answer
today, we will work aggressively to try and figure out where we might have
picked this up and if we couldn’t, what tools we need to provide to
intelligence here and abroad that would allow us to detect any indications in
the future."
Reporter:
“On the encryption question, what steps will Congress take
in addressing that and will it play into this unfinished cybersecurity process?”
Senator Burr:
“I think it’s way too early for us to comment, look at both
us, look at our age. This is a very difficult thing for us to understand
because I won’t tell you that we’re steeped in technology where we’ve got
generations below us where this is an everyday process for them. There’s not an
app that you buy that potentially doesn’t have the communication capability
today, and that communication capability whether they sell it that way or not,
it’s likely encrypted. So facing realities, we know we can’t go forward unless
we work with intelligence communities and whether we work with our partners
above to figure out what the way forward is."
Reporter:
“Vice Chairman, you mentioned you’re working some proposals
to possibly bring forward, could those include proposals on encryption or
anything—“
Senator Feinstein:
“I don’t think it makes sense to speculate. The chairman has
said what he’d really like the committee to do and I really agree with this; we
need to sit down and we need to go over things. We need to look at a number of
different things; we need to look at how much the visa waiver program plays
into this. How much encryption plays into it. We know of certain equipment and
certain games that are encrypted that can be used. We need to figure what can and should be done
about that if anything.
“The important thing is that it is a committee-wide effort
and once we agree we’re able to move forward on a bipartisan basis.”
Reporter:
“Senators, in terms of the ISIL threat to Europe and the
homeland, could you paint a little more of a picture on what you are learning.
Is there an external operations cell? And do we know who those people are, are
they in Raqqa and what do you think the U.S. government should do about those
people?"
Senator Burr:
“… It may fly under the radar screen and I think that’s one
of the realities that I think we’re faced with and that’s why Dianne and I have
committed to challenge our staffs to do an overall review from a standpoint of
what are the things we need to look at that we aren’t currently focused on,
what tools we might provide that at least provide an opportunity of a better
outcome for our intelligence community.
“Quite frankly, we’re going to have to
think differently, because our adversaries are thinking differently now.”
Senator Feinstein:
“And if I might add to the Chairman, ISIL is different. ISIL
isn’t al Qaeda. Al Qaeda was away and removed and a small group of people and
they put together very precise operations. This is big. ISIL has 30,000
fighters. France, 2,000 people have gone from France to Syria to fight. We’ve
had about 150 go from our country to fight. They are expanding. They are
creating the caliphate in different countries, wherever they can. Safe harbors
in some countries wherever they possibly can. As the Chairman pointed out, the
number of countries they’re in, is close to 30 today, one way or another. So
it’s an expanding model and that model puts forward a new plan and that is as
was said, that you have one person in Syria, directing through Belgium, to
France, that could be here too. Just like that, all encrypted. So it’s a problem
and of course they have a video out that makes the statement. So that’s a
concern to all of us."
Reporter:
“Chairman Burr, you talked about end-to-end encryption. What
platform were they using and what evidence is there?"
“We can’t tell you today specifically that they were using a
specific encrypted platform. We think that that’s a likely because we didn’t
pick up any direct communication. I think it’s safe to say that there are
probably 30 end-to-end encrypted software packages that you can download for
free. Given the fact that between iTunes and PlayStation, the number of apps
that are added on a weekly, monthly, yearly basis and I think we anticipate
that everything from this point forward will have encryption communications to
it, now’s the time to act.”
Reporter:
“What legislation is possible to address this?”
Senator Burr:
“I wouldn’t dare even make you remotely believe that we’re
on a legislative route. We’re on an exploratory route, trying to figure out
what options we have and from those options to determine what the best course,
short, medium and long term is.”
Reporter:
“And as you explore, what cooperation are you getting from
companies in Silicon Valley? What would
your message be to those companies?”
Senator Feinstein:
“Well if we get the same cooperation we did with cyber, it
won’t be very much. The reality is that we don’t expect this to be received
extremely well from companies that market their products based upon the fact
that they have end-to-end encryption. We don’t have a responsibility to sell
their products; we have a responsibility to keep America safe. This committee
is going to stay focused with our intelligence community and our law
enforcement to do exactly that. If it means that people are going to have to
change their business models, then so be it, but at the end of the day,
America’s safety is the absolute number one issue."
For a discussion of novelist Dan Brown's prescient acknowledgement of the risks posed by "unbreakable" encryption as far back at 1998, click here.
No comments:
Post a Comment