15 December 2019

Trump officials weigh encryption crackdown

By ERIC GELLER

Senior Trump administration officials met on Wednesday to discuss whether to seek legislation prohibiting tech companies from using forms of encryption that law enforcement can’t break — a provocative step that would reopen a long-running feud between federal authorities and Silicon Valley.

The encryption challenge, which the government calls “going dark,” was the focus of a National Security Council meeting Wednesday morning that included the No. 2 officials from several key agencies, according to three people familiar with the matter.

Senior officials debated whether to ask Congress to effectively outlaw end-to-end encryption, which scrambles data so that only its sender and recipient can read it, these people told POLITICO. Tech companies like Apple, Google and Facebook have increasingly built end-to-end encryption into their products and software in recent years — billing it as a privacy and security feature but frustrating authorities investigating terrorism, drug trafficking and child pornography.


“The two paths were to either put out a statement or a general position on encryption, and [say] that they would continue to work on a solution, or to ask Congress for legislation,” said one of the people.

But the previously unreported meeting of the NSC’s so-called Deputies Committee did not produce a decision, the people said.

A decision to press for legislation would have far-reaching consequences for the privacy and security of tens of millions of consumers and effectively force companies such as Apple and Google to water down the security features on their smartphones and other devices.

A ban on end-to-end-encryption would make it easier for law enforcement and intelligence agents to access suspects' data. But such a measure would also make it easier for hackers and spies to steal Americans' private data, by creating loopholes in encryption that are designed for the government but accessible to anyone who reverse-engineers them. Watering down encryption would also endanger people who rely on scrambled communications to hide from stalkers and abusive ex-spouses.

POLITICO was unable to determine what participating agency leaders said during the meeting, but there is a well-known fault line on encryption within the executive branch.

The DOJ and the FBI argue that catching criminals and terrorists should be the top priority, even if watered-down encryption creates hacking risks. The Commerce and State Departments disagree, pointing to the economic, security and diplomatic consequences of mandating encryption “backdoors.”

DHS is internally divided. The Cybersecurity and Infrastructure Security Agency knows the importance of encrypting sensitive data, especially in critical infrastructure operations, but ICE and the Secret Service regularly run into encryption roadblocks during their investigations.

An NSC spokesperson declined to comment on the meeting.

The high-level NSC discussion highlights how policymakers have continued grappling with encryption even as it has receded from the headlines.

“There is a significant [administration-]wide effort underway on what to do about the going dark issue,” said a lobbyist familiar with the discussions.

Tech companies such as Apple and Google began increasing their use of end-to-end encryption in 2014, to address privacy concerns sparked by former NSA contractor Edward Snowden’s disclosures about the vast sweep of U.S. government surveillance. In response, DOJ and the FBI reinvigorated a decades-old campaign against this feature, arguing that it posed an impenetrable roadblock in many criminal and counterintelligence investigations.

The 2015 San Bernardino, Calif., terrorist attack brought the encryption debate into the mainstream when DOJ took Apple to court to access a locked iPhone belonging to one of the shooters. Then-FBI Director James Comey accused Apple of trying to create a space beyond the reach of U.S. law. But that dispute ended without a definitive legal precedent, and despite the “going dark” problem occasionally resurfacing, encryption hasn’t made major headlines for years.

The transition between the Obama and Trump administrations saw a hand-off of sorts between two high-profile advocates of the need to access encrypted data. After President Donald Trump fired Comey, Deputy Attorney General Rod Rosenstein succeeded him as the government’s top “going dark” warrior. Rosenstein, who dealt with the issue as a U.S. attorney, warned vaguely that cooperation with Silicon Valley was unlikely to work, implying that legislation might be needed.

But now Rosenstein is gone, and experts generally agree that Congress is unlikely to pass a bill requiring warrant-compatible encryption.

Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) floated a draft measure in 2016 after the San Bernardino attack, but an intense backlash quickly killed its prospects, and despite occasional rumblings, it has not reappeared since. The climate is no better for the administration in the Democratic-controlled House, where there is bipartisan opposition to undermining encryption.

Still, the decision to hold an NSC deputies meeting — which has happened rarely under national security adviser John Bolton — suggests that the issue may not remain on the back burner for long.

No comments: