Pressure is rising on Apple, Google and other technology companies to allow law enforcement and intelligence agencies access to encrypted phones and other devices.
In the wake of the coordinated terrorist attacks on Paris, CIA Director John Brennan, Sen. Dianne Feinstein (D-Calif.) and other critics are amplifying their arguments against Silicon Valley.
{mosads}The rise of commercial encryption technology, they say, risks shielding terrorists from surveillance — raising the bar for law enforcement to thwart future attacks.
“We in many respects have gone blind as a result of the commercialization and the selling of devices that cannot be accessed either by the manufacturer or, more importantly, by us in law enforcement, even equipped with the search warrants and judicial authority,” New York City Police Commissioner William Bratton said Sunday on “Face the Nation.”
Some lawmakers have revived calls for congressionally mandated access to devices.
“In the Senate Armed Services, we’re going to have hearings on it and we’re going to have legislation,” Sen. John McCain (R-Ariz.), who chairs the committee, told reporters on Tuesday, calling the status quo “unacceptable.”
The terrorists who more than 120 people in Paris last Friday were able to plan their strikes under the noses of French and Belgian authorities. Senior European counterterrorism officials, speaking anonymously, told The New York Times that they believed the attackers used some form of encrypted device to communicate.
Brennan called the attacks a “wake-up call,” while Feinstein, a member of the Senate Intelligence Committee who represents Silicon Valley, said in an interview Monday with MSNBC that it’s a “big problem” if tech firms “create a product that allows evil monsters to communicate in this way.”
Apple, Google and other corporations have stood firm against pressure to either decrypt data or install a back door for law enforcement.
Representatives for several companies declined to speak to The Hill for this story, reflecting the sensitivity of the issue.
But sources in the technology sector generally took a dim view on suggestions that the Paris attacks would cause tech companies to shift their positions.
They said that the companies have too much at stake to bend on allowing law enforcement access to their customers’ data and that many hope the debate will eventually cool.
“It’s all about PR,” said Darren Hayes, director of cybersecurity at Pace University.
Tech companies have taken a stronger stance on the issue since whistleblower Edward Snowden revealed the U.S. government’s massive surveillance programs, in which tech companies under court order provided data to the National Security Agency.
To many tech companies, the revelations were an embarrassment that also endangered their bottom lines.
“I want to be absolutely clear that we have never worked with any government agency from any country to create a backdoor in any of our products or services,” Apple CEO Tim Cook says in an open letter on the company’s site. “We have also never allowed access to our servers. And we never will.”
Tech companies have insisted that building in any kind of guaranteed access for the government would breach consumer privacy and build weaknesses into the technology that would allow criminals to hack into devices just as easily as law enforcement.
Apple, the world’s most valuable company, has also complained that routinely helping law enforcement to decrypt data would be an unduly onerous tax on its resources.
“This burden increases as the number of government requests increases,” it argued in a recent legal brief.
Law enforcement sources argue that Snowden’s revelations led terrorists and criminals to go dark and move to encrypted devices, intensifying the need for companies to cooperate with police.
“There’s no doubt that the disclosures overall created a situation in which we lost coverage of terrorists,” Matthew Olsen, who until last year served as the director of the National Counterterrorism Center, said at a Yahoo News conference the day before the Paris attacks.
“Specifically, we saw people that we were targeting with NSA surveillance … go to different service providers. We saw them go to uses of encryption. They’re reading the newspapers and seeing what we can do.”
The White House has sided with technology companies, saying last month it would not pursue legislation requiring firms to give law enforcement access to encrypted data.
FBI Director James Comey, along with some lawmakers, has shifted his tactics in recent months, appealing directly to Silicon Valley instead of asking Congress to mandate a solution.
“There shouldn’t be venom” between law enforcement and Silicon Valley, he said during a House Intelligence Committee hearing in September. “We should all care about the same thing.”
“Apple does not want to say they’re the chosen device of terrorists. But they also don’t want to say there’re wide-open platforms that they can get into. We can solve this,” Rep. James Lankford (R-Okla.) said Monday on MSNBC’s “Morning Joe.”
But in September, House Intelligence Committee ranking member Adam Schiff (D-Calif.) said he had met with top officials from Facebook, Google and Twitter, who unanimously told him they were uninterested in developing such a solution.
Some believe that if the attacks on Paris don’t change the dynamic, nothing will.
“There can be pressure brought when there’s enough impetus, and if it’s not this, I don’t know what it would be,” said Morgan Wright, a cybersecurity consultant who has worked with tech companies including Cisco and Alcatel-Lucent.
Jay Kaplan, the CEO of security firm Synack, predicted Paris will shift the discussion.
“You’re absolutely going to see the conversation be restarted that had ended with the public outcry that privacy is more important [than security],” Kaplan said. “I think events like this cause an instant mentality shift.”