Technology industry groups are pushing back against calls from law enforcement and intelligence officials to give the government more access to encrypted networks following the Paris terrorist attacks.
Concrete evidence has yet to emerge that the perpetrators of the attacks used encrypted networks to communicate, but officials have warned that terrorists are finding new ways to avoid surveillance. Some say requiring tech companies to design a back door in the devices would give law enforcement better access to encrypted communications.
“It is likely that encryption, end-to-end encryption, was used to communicate between those individuals in Belgium, in France and in Syria,” Senate Intelligence Committee Chairman Richard Burr, R-N.C., said last week. “It’s a wake-up call for America and our global partners that globally, we need to begin the debate on what we do on encrypted networks, because it makes us blind to the communications and to the actions of potential adversaries.”
Many tech companies have so far been reluctant to respond publicly to these calls, but a growing number of industry groups are coming out in defense of encryption, and a lobbying coalition called Reform Government Surveillance – representing Google, Apple and other tech leaders – has met with congressional staff and administration officials to discuss encryption policy.
“In the private sector, a lot of companies are already pushing back against” creating a back door, said Brian Finch, a lobbyist for cybersecurity companies. “Tech companies are reemphasizing the point that they don’t think the back door is effective or all that useful for law enforcement, and it’ll do more harm than good in the long run.”
Among the industry’s main arguments is that there is no evidence that the Paris attackers communicated via encrypted systems, and if the government forces tech companies to weaken encryption, terrorists would simply start using devices or apps that aren’t subject to U.S. laws.
“Tech industry’s push back right now is, ‘(Law enforcement), you’re using this opportunistically, to your advantage,’ ” said a lobbyist for major tech companies who spoke on the condition of anonymity in order to protect professional relationships. “There’s no proof that terrorists used encrypted networks. Law enforcement, you missed this, stop trying to blame us.”
On Tuesday, the Software Alliance (BSA) mounted a strong defense of encryption technology, saying it is a critical tool that protects users’ online privacy.
“That is not the case. Encryption – rather than something to be feared – is a valuable tool millions of people rely on every day to secure their online privacy,” the BSA said. “Government should not be pushing for solutions that would make the online environment less secure.”
Two other leading tech industry groups are echoing those sentiments, citing the role of encryption in protecting online banking, transportation security systems and other critical infrastructure, such as hospitals, from potential hackers.
Dean Garfield, the president of the Information Technology Industry Council (ITI), the Washington-based group that represents some of the world’s largest hardware, software, mobile and search companies, said last week that weakening encryption technology “simply does not make sense.”
The Software and Information Industry Association (SIIA), which represents the software and digital content industries, said strong encryption helps boost national security, not threaten it.
“Encryption protects not just government and commercial databases, but critical national infrastructure such as hospitals, airlines and nuclear power stations – exactly the targets terrorists would attempt to hack and destroy,” the group’s senior vice president of public policy, Mark MacCarthy, said last week. “If the U.S. government gained back-door access to encrypted material, it is possible that other governments and non-government actors would as well, and encryption would become useless.”
Tech policy experts predict a renewed round of congressional hearings and possible legislation after Thanksgiving, but they aren’t convinced that the encryption debate will drastically change. It reached a standstill in October when the White House decided it wouldn’t seek legislation forcing tech companies to decode encrypted data for law enforcement.
Burr and Sen. Dianne Feinstein, D-Calif., the top Democrat on the intelligence panel, have indicated that they want to revisit discussions with tech companies about the government’s access to secure communications, but legislation has yet to be drafted.
“I’m not convinced anything new will come out of it,” said the tech lobbyist. “But it’ll get a fresh look.”