House committee skeptical on encryption backdoors
Lawmakers rebuked calls from law enforcement officials for open access into encrypted computer systems during a House Oversight and Government Reform subcommittee hearing Wednesday.
A number of representatives expressed heavy skepticism as officials from the FBI and the Suffolk County District Attorney’s Office in Massachusetts called for a backdoor into Apple and Google mobile systems that will soon feature default encryption. The law enforcement officials said the encryption keeps them from accessing data that would otherwise be used as evidence in criminal investigations.
“When unaccountable corporate interests place crucial evidence beyond the legitimate reach of our courts, they are placing those who rape, defraud, assault and even kill in a position of profound advantage over victims and society,” Suffolk County District Attorney Daniel Conley said. “I am here today to ask Congress to help us find a solution, because what Apple and Google are doing is dangerous and should not be allowed to continue.”
A number of technology experts argued that what law enforcement leaders want is impossible to do if companies are to completely safeguard their users’ data.
“I can’t ignore a stark reality, simply that [backdoors] can’t be done safely,” said Matt Blaze, a University of Pennsylvania computer scientist. “If we make wishful policies that assume and pretend that we can, there will be terrible consequences for our economy and national security.”
Members of Oversight’s Information Technology Subcommittee seemed to echo Blaze’s sentiments, saying any vulnerability in encryption would be a negative for the public.
“Creating a pathway for decryption only for good guys is technologically stupid,” Rep. Ted Lieu, D-Calif., said.
House Oversight Committee Chairman Rep. Jason Chaffetz, R-Utah, called backdoors “impossible.”
“If someone at the Genius Bar can figure it out, so can nefarious folks in a van down by the river,” Chaffetz said.
The FBI has been calling for a way past encryption since Apple and Google announced stronger encryption practices last September. A month later, FBI Director James Comey said in numerous appearances that law enforcement desperately needed ways to keep up with criminals who can “go dark.”
“We have to find a way to help these companies understand what we need, why we need it and how they can help, while still protecting privacy rights and providing network security and innovation,” Comey said during an interview at the Brookings Institution last October. “We need our private sector partners to take a step back, to pause and to consider changing course.”
Amy Hess, executive assistant director of the FBI’s Science and Technology Branch, told the committee the bureau is not anti-encryption and any solution should “be designed to minimize its impact upon the overall security” of devices.
“What we’re asking for is not to lower [encryption] standards,” Hess said. “Rather to come up with a way that we may be able to implement perhaps multiple keys or some other way to securely access that information, or rather be provided with that information.”
IT Subcommittee Chairman Rep. Will Hurd, R-Texas, didn’t think those keys could be obtained without violating Americans’ Fourth Amendment rights.
“As a former CIA officer, I understand and appreciate the need and desire for law enforcement to access digital information in a timely manner. However, I also understand the protections afforded to Americans provided by the Constitution,” Hurd said. “I firmly believe that law enforcement officials must gain the trust of the very people they are trying to protect in order to be successful. I remain concerned that a government-mandated back or front door on U.S.-based mobile device manufacturers might undermine that trust.”