Ever since Apple announced that starting with iOS 8 all iPhones and iPads will now encrypted, with the encryption keys held solely by the users so that Apple will be unable to decrypt them even when required to do so law (an announcement quickly followed by a similar one from Google, saying that with its upcoming Android L, all new devices will also be encrypted by default with keys held only by the user), FBI Director James Comey has been on the warpath.
As far as Comey is concerned, the idea of ordinary people being able to secure their own data where the authorities cannot reach it is tantamount to the end of civilization,
‘With Going Dark, those of us in law enforcement and public safety have a major fear of missing out—missing out on predators who exploit the most vulnerable among us…missing out on violent criminals who target our communities…missing out on a terrorist cell using social media to recruit, plan, and execute an attack.
Criminals and terrorists would like nothing more than for us to miss out. And the more we as a society rely on these devices, the more important they are to law enforcement and public safety officials. We have seen case after case—from homicides and car crashes to drug trafficking, domestic abuse, and child exploitation—where critical evidence came from smartphones, hard drives, and online communication.’
Comey’s solution is for tech companies to build-in a ‘front door’ into their encryption that will allow law enforcement companies to decrypt mobile devices,
‘There is a misconception that building a lawful intercept solution into a system requires a so-called “back door,” one that foreign adversaries and hackers may try to exploit. But that isn’t true. We aren’t seeking a back-door approach. We want to use the front door, with clarity and transparency, and with clear guidance provided by law.’
Leaving aside the major fact that whatever Coney says, he is proposing a backdoor in the encryption (the Washington Post called this a ‘golden key’ in a very misjudged post by the Editorial board), which is a terrible idea as weakening encryption makes data vulnerable to all hackers, not just law enforcement officials), this shows a fundamental disregard for citizens’ basic rights to privacy.
Faced with obstinacy from both Apple and Google over his demands, Comey started to issue threats that Congress may have to intervene…
‘Where we may get is to a place where the US, through its Congress, says, “You know what, we need to force this on American companies,” and maybe they’ll take a hit. Someone in some other country will say, “Ah, we sell a phone that even with lawful authority people can’t get into.” But that we as a society are willing to have American companies take that hit.’
.. And even more forcibly,
‘Congress might have to force this on companies. Maybe they’ll take the hint and do it themselves.’
Well, it turns out that Congress is none too stoked with these comments. Influential California Republican Rep. Darrell Issa tweeted that,
‘To FBI Director Comey and the Admin on criticisms of legitimate businesses using encryption: you reap what you sow. The FBI and Justice Department must be more accountable—tough sell for them to now ask the American people for more surveillance power.’
Issa is not alone. Republican Zoe Lofgren echoed his comments, saying that Comey’s proposal would have ‘zero chance’ of passing, while Democrat Sen. Ron Wyden said,
‘I think the public would not support it, certainly industry would not support it, civil liberties groups would not support it. I think [Comey is] a sincere guy, but there’s just no way this is going to happen.’
It is great to see Congress push back against intrusive state surveillance (and bad news for Comey), although it is a shame members did not take a similar principled stand against NSA blanket spying on just about everyone’s every move on the internet.
Interestingly, the Electronic Frontier Foundation (EFF) observes that Comey is attempting to reopen the Crypto Wars of the early 1990’s, where the Clinton administration was forced to back down from requiring that all telecommunications install an NSA backed Clipper chip in order to decrypt all communications, an idea that was dropped thanks to public and political backlash, opposition from the telecommunications companies, and arguments that such chip would damage US business interests abroad.