Lawmakers push for commission on encryption

Lawmakers push for commission on encryption

Congress should create a national commission to investigate the difficulties encryption has created for law enforcement, a bipartisan pair of lawmakers argued Monday in a Washington Post op-ed.

“Congress must be proactive and should officially convene a body of experts representing all of the interests at stake so we can evaluate and improve America’s security posture as technology — and our adversaries — evolve,” said House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.).

It’s an idea that McCaul first floated several weeks ago, after terrorist attacks in Paris and San Bernardino, Calif.
The deadly incidents have given new urgency to a long-running debate over encryption. Lawmakers and investigators said they believe the people behind those incidents used encrypted communication to hide their plans.

“This presents an extraordinary security challenge for the United States and our allies,” McCaul and Warner said. “Because extremists are ‘going dark,’ law enforcement officials warn that we are ‘going blind’ in our efforts to track them.”

Officials looking into the Paris attacks said they have definitive evidence the terrorists used the popular encrypted apps Telegram and WhatsApp to help plan the assault that killed 130 people.

“Frustratingly, there are no easy answers,” said McCaul and Warner. “The same tools that terrorists and criminals are using to hide their nefarious activities are those that everyday Americans rely on to safely shop online, communicate with friends and family, and run their businesses.”

For some, the answer is legislation. Senate Intelligence Committee Chairman Richard Burr (R-N.C.) has called for a law that would require companies to decrypt data upon government request. But the tech community is balking at that, arguing that such a mandate would defeat the purpose of encryption.

Major tech players including Apple have even refused to comply with court orders to turn over encrypted data, arguing that they can’t access information secured by their own products. Only this type of inaccessible encryption truly protects data from hackers, technologists insist.

McCaul and Warner agreed with this assessment.

“Encryption is a bedrock of global commerce, and it has helped enhance individual privacy immeasurably,” they said. “It is also integral to our cybersecurity efforts — protecting individuals, U.S. businesses, intellectual property and our nation’s critical infrastructure.”

Yet because this same uncrackable technology is also used to hide nefarious activities, “digital innovations present us with a paradox,” they added.

A bill that would require companies to maintain a guaranteed entry point into their encrypted data would backfire, McCaul and Warner cautioned.

“Such a law could weaken Internet privacy for everyone and could have the unintended consequence of making our information systems more vulnerable to attack,” the pair said. “Moreover, in our globalized world, a U.S.-only solution would likely have only a limited impact and could encourage offenders to simply use technology developed overseas instead.”

But Congress must act, they said, suggesting a national commission of all relevant parties is the right step forward.

“We are seeking the brightest minds from the technology sector, the legal world, computer science and cryptography, academia, civil liberties and privacy advocates, law enforcement and intelligence to collaboratively explore the intersection of technology and security,” the duo said.

McCaul and Warner explained the group would tasked with “generating much-needed data and developing a range of actionable recommendations that can protect privacy and public safety.”

The effort may have momentum in Congress. Several Capitol Hill leaders have appeared hesitant to back Burr’s legislative efforts. McCaul and Warner’s alternative may be more palatable to lawmakers and the tech community.

“We cannot wait for the next attack before we outline our options,” they said.


It is difficult for the FBI to crack most smartphone encryption

The FBI is struggling to decode private messages on phones and other mobile devices that could contain key criminal evidence, and the agency failed to access data more than half of the times it tried during the last fiscal year, FBI Director Christopher Wray told House lawmakers. Wray will testify at the House Judiciary Committee ...

Texas Church Shooting: More Calls for Encryption Backdoors

US Deputy Attorney General, Rod Rosenstein, has decided to use the recent mass shooting at a Texas church to reiterate calls for encryption backdoors to help law enforcers. The incident took place at the First Baptist Church in Sutherland Springs, killing at least 26 people. Deceased suspect Devin Kelley’s mobile phone is now in the ...

FBI couldn't retrieve data from nearly 7000 mobile phones due to encryption

The head of the FBI has reignited the debate about technology companies continuing to protect customer privacy despite law enforcement having a search warrant. The FBI says it hasn't been able to retrieve data from nearly 7000 mobile phones in less than one year, as the US agency turns up the heat on the ongoing ...

Wi-Fi's Most Popular Encryption May Have Been Cracked

Your home Wi-Fi might not be as secure as you think. WPA2 -- the de facto standard for Wi-Fi password security worldwide -- may have been compromised, with huge ramifications for almost all of the Wi-Fi networks in our homes and businesses as well as for the networking companies that build them. Details are still ...




This site uses Akismet to reduce spam. Learn how your comment data is processed.