Lawmakers skeptical of FBI’s encryption warnings

Encrypted Apple and Google devices are protecting rapists, fraudsters and human traffickers, law enforcement officials argued before mostly skeptical lawmakers on Wednesday.

“When unaccountable corporate interests place crucial evidence beyond the legitimate reach of our courts, they are in fact placing those who rape, defraud, assault and even kill in a position of profound advantage over victims and society,” said Daniel Conley, a Boston district attorney, during a House Subcommittee on Information Technology hearing.

{mosads}Conley and a top FBI official asked Congress to help them find a solution to access this increasingly inaccessible data. Capitol Hill intervention is needed, they said, to ensure investigators can either get an encryption key or legally compel companies to decrypt the data for them.

“What we’re asking for is not to lower [encryption] standards,” said Amy Hess, the executive assistant director of the FBI’s Science and Technology Branch. “Rather to come up with a way that we may be able to implement perhaps multiple keys or some other way to securely access that information, or rather be provided with that information.”

The request has roiled privacy-minded lawmakers,

“That’s the concern,” replied Rep. Jason Chaffetz (R-Utah), echoing the sentiment of many members on both sides of the aisle. “The strongest encryption possible,” Chaffetz said, “means not having a key.”

“Creating a pathway for decryption only for good guys is technologically stupid,” said Ted Lieu (D-Calif.), who has a bachelor’s degree in computer science from Stanford University.

Apple and Google have led the movement to encrypt products in the wake of Edward Snowden’s disclosures of government’s widespread digital snooping.

Companies insist encryption is necessary to retain customer faith, international competitiveness and overall security from hackers.

Technologists agree, adding that anything short of full encryption — meaning no keys, even for the companies — gives hackers an easy path into devices.

But law enforcement officials — particularly the FBI — caution that these encryption methods are hindering legitimate searches, keeping necessary evidence out of reach and causing investigators to prematurely alert suspects they are being tracked.

They made their case again Wednesday.

“I am here today to ask Congress to intervene,” Conley said. “With these operating systems, those devices would become warrant-proof and the evidence they contain unreachable by investigators.”

But thus far, legislators have actually tried to move in the exact opposite direction of what law enforcement is requesting.

Lawmakers in both the House and Senate have several times introduce stand-alone bills and various amendments that would forbid the government from requiring companies to build in access to their encryption, what’s known as a “backdoor.”

Earlier this year, Reps. Zoe Lofgren (D-Calif.) Thomas Massie (R- Ky.) and Jim Sensenbrenner (R- Wis.), reintroduced a backdoor-banning measure, the Secure Data Act. It mirrors a Lofgren-Massie amendment from last year that passed the House by a wide margin.

Some lawmakers are also looking to tack on a backdoor prohibition to the National Security Agency (NSA) reform bills currently under consideration.

Lieu told the law enforcement officials they should take their case to the NSA, whose surveillance programs touched off the encryption arms race.

“This is a private sector response to government overreach,” he said.

“To me it’s very simple to draw the privacy balance when it comes to law enforcement and privacy — just follow the damn Constitution,” Lieu continued. “Because the NSA didn’t do that, and other law enforcement agencies didn’t do that, you are seeing a vast public reaction to this.”