FBI Director James Comey wants to build a legal regime spanning North America, Europe, and even China that requires tech companies to build law-enforcement backdoors in their encryption.
In testimony before the Senate Intelligence Committee on Wednesday afternoon, Comey warned that his agency was increasingly losing access to encrypted data, a phenomenon he has called “going dark.”
To solve the problem, he has been communicating with American technology firms to figure out a way for law enforcement to access encrypted communications with a court order.
Several senators asked Comey how he planned to stop people from deploying encryption overseas, which would put U.S. companies at a competitive disadvantage. Comey pointed to countries like France and the U.K. as two nations that were “a little bit ahead of us” on encryption policy. He praised both countries for recently introducing legislation ban strong encryption that did not feature backdoors.
U.K. Prime Minister David Cameron has pledged to ban software like Facebook‘s WhatsApp and Apple‘s iMessage if they build their systems in such a way that they cannot give British law enforcement access to encrypted user data.
Foreign governments regularly express concerns about being unable to regulate the encryption used by U.S. companies like Facebook and Apple. They therefore need America’s help enforcing policies that weaken encryption to let the government into the systems.
Some American lawmakers are also concerned that foreigners could simply find or build technology to circumvent bans on strong encryption.
None of the conversations so far have touched on open-source technology, like PGP and Tor, that anyone anywhere can use freely.
In his Senate testimony, Comey emphasized that a ban on strong encryption would only work if implemented in concert with bans in other countries.
“We cannot break strong encryption,” Comey emphasized. “I know people think the Bureau can do a lot of things. We cannot break strong encryption.”
Encryption has become the hottest new battlefield in the Western fight against terrorism. Throughout Wednesday’s hearings, Comey, along with other witnesses and senators, brought up the Islamic State‘s increasing use of encrypted communications.
Comey briefed the Intelligence Committee on specific instances of domestic ISIS communications that are encrypted and therefore unreadable by the FBI. He referred to Twitter as the “devil on their shoulder” because it enabled sustained and—eventually—encrypted communication between jihadists and potential recruits.
Sen. Ron Wyden (D-Ore.), one of the chamber’s leading privacy advocates and one of Comey’s most consistent critics, made a clear prediction about where he thought Comey’s proposals would lead.
“Where this is headed is towards proposals for some kind of stockpile for encryption keys for the government to access,” Wyden said. “I think this proposal is a big time loser on security grounds, a retreat on privacy, and will do great damage to our cutting edge digital companies that have jobs that pay great wages.”
Illustration via Max Fleishman