The encryption debate will reignite under President Trump
No matter who won last night’s election, the encryption debate was always going to come back to Washington in a big way.
With Donald Trump’s upset victory bolstered by a vast Republican wave of victories in Congress, the future of strong encryption is in play. Like so much else, no one is quite sure what comes next.
The presidential campaign has been top of mind for government types over the past few months, but it was less than a year ago that the Apple-FBI battle over encryption made worldwide headlines as U.S. leadership debated digital security’s future in America. Privacy, security, surveillance and internet freedom seemed to hang in the balance. All those debates remain open.
Under President-elect Donald Trump, who is coming off a campaign in which he aggressively threatened Apple with a boycott over the encryption debate, the fight is about to restart in a big way in Washington, Silicon Valley and around the world.
One big question now is whose voices will be loudest.
FBI Director James Comey has been, in the last several years, encryption’s most visible critic inside the federal government. But at the same time, Comey publicly clashed with both Trump and Clinton so harshly that his tenure’s future at the bureau remains uncertain. He became a politically toxic figure, possibly for the long term, on both ends of the political spectrum. Even if he remains atop the FBI, the exact nature and scope of Comey’s power is in question.
Even before Trump’s election, Comey and his lieutenants planned on vigorously restarting the encryption debate at the beginning of 2017. With a new and widely unexpected administration entering the White House, the specter of that debate looms even larger.
The Obama administration largely disagreed with “Comey going nuclear,” as one former senior Obama administration cybersecurity official recently called the FBI director’s public campaign against Apple beginning in 2015. Trump, on the other hand, not only supported Comey’s view but went far further by calling for the Apple boycott.
In the event that Comey is replaced, which appears to be a real possibility in the hours following the election, there is no immediately obvious replacement who would differ from his stance on strong encryption.
Many of the most popular and important encryption tools in existence are subsidized in large part or completely by the United States government. Of particular note is that the State Department, under Hillary Clinton, emphasized an internet freedom program that gives grants totaling tens of millions of dollars per year toward development of security software like Signal, Tor, Tails, The Guardian Project and more. The software and research behind these tools can be found in private sector apps used by over 1 billion people, including from companies like WhatsApp, Facebook and Google. Any change to the funding behind these programs could impact users around the world.
In a major 2011 speech, then-Secretary of State Clinton said the U.S. was funding such technologies to “help people in oppressive internet environments get around filters, stay one step ahead of the censors, the hackers and the things who beat them up or imprison them for what they say online.”
Five years later, as strong encryption hit the mainstream in the United States, the issue seems to invite a lot more debate.
Government funding of encryption technology is about to come under a microscope regardless of what happens in the White House. The Government Accountability Office is currently studying accusations that a lot of money has been wasted on internet freedom programs at the State Department, the Broadcasting Board of Governors and Radio Free Asia, according a source with knowledge of the issue. The results of the GAO study, especially if unfavorable as expected, could also color the new encryption debate.
In Congress, Sen. Richard Burr, R-N.C., won reelection. Burr, who faced a surprisingly tough campaign, has pushed a bill that would mandate backdoors into encrypted systems. The bill stalled hard last year and remains highly opposed. Moving forward, however, the landscape could change.
And then there’s the money both supporting and attacking encryption from government sources like the National Security Agency, Department of Homeland Security and DARPA. There’s likely more money at play there, but it sits behind the veil of national security secrecy.
Adm. Michael Rogers, who leads the NSA and U.S. Cyber Command, has spoken favorably of special government access to encrypted data “in the right circumstances, with the right level of control.” Rogers is expected to stay in power for at least a few more years, but, as with so much in Washington, his future is less certain today than it was yesterday.
Momentum for mandated backdoors in encryption has generally slowed over the last year. House Homeland Security Chairman Rep. Michael McCaul, R-Texas, called such legislation “a knee-jerk response that will have unintended consequences” recently, adding that it’s “a simplistic solution to a very complicated problem” that would “drive technology and innovation offshore.”
McCaul is behind the proposal for a national commission on encryption that was backed by Clinton.
The issue, however, can turn at any time. As with so many issues entangled with national security, one act of violence can swing so much.
If there’s a terrorist attack tomorrow, “the backdoor bill’s gonna come out, there would be more momentum” to pass it,” he said in September.
Many civil liberties activists have opposed even the creation of McCaul’s commission because it “will be used to prolong an unnecessary conversation,” Electronic Frontier Foundation lawyer Mark Jaycox said earlier this fall.
But any possible change to encryption laws faces strong opposition. Nate Cardozo, staff attorney at the EFF, promised earlier this year that “any backdoor legislation is gonna be tied up in the courts for years” due to long legal fights with organizations like the EFF and ACLU.
Less than 24 hours after the election was called, the only clear takeaway is that the future of strong encryption is less clear than before.