WASHINGTON—The Federal Bureau of Investigation is issuing a more
direct challenge to technology companies in the wake of terror
attacks in Paris and California, urging them in blunter terms to
allow investigators to decrypt private communications during terror
probes.
Hoping to escape a continuing debate over the technical
feasibility of decryption, which they fear plays into Silicon
Valley's hands, FBI Director James Comey and others are pushing
executives to move away from a policy they say values customers'
privacy over public safety.
"It is a business-model question," Mr. Comey said at a recent
congressional hearing, adding that executives "have designed their
systems and their devices so that judges' orders cannot be complied
with…Should they change their business model? That is a very, very
hard question."
Challenging tech CEOs like Apple Inc.'s Tim Cook directly
suggests that Mr. Comey could be laying the groundwork for a push
in Congress for legislation that would force the companies to
change their products.
So far, however, there is no indication the tech industry is
retreating from its argument that strong encryption is necessary to
protect users' information, and that providing a technological
"key" or "backdoor" for law enforcement would simply make the
information more vulnerable to hackers of all kinds.
Apple, in response to questions for this article, said this
isn't a new issue, since the company has used encryption for well
over a decade as a vital way to protect customers' personal
information.
"As hacking schemes and cybercrimes against individuals,
companies and governments have become daily occurrences, we have
worked hard to keep pace," Apple said in a statement. "We know that
criminals will seek out encryption techniques or develop their own,
so weakening encryption in consumer devices will only hurt
law-abiding citizens who rely on it to protect their data."
Still, not all tech companies are equally firm. John Chen, CEO
of cellphone maker BlackBerry Ltd., has declared the company will
work with the government to be responsive to court orders, saying,
"Our privacy commitment does not extend to criminals."
In the wake of the recent mass killings, advocates on both sides
are watching closely for a shift in public sentiment that might put
more pressure on tech companies to allow law enforcement access to
encrypted information if they have a court order.
Some members of Congress are highlighting the terror attacks and
threatening legislation in an attempt to pressure companies to make
changes. Others have urged the creation of a blue-ribbon panel to
study the issue and offer recommendations.
The FBI's current reframing of the issue is a shift from past
appeals for software designers to find technical solutions. At the
same time, law-enforcement officials are citing the menace of
terror attacks rather than emphasizing crimes like child
abductions, as they've done previously.
Cindy Cohn, executive director of the Electronic Frontier
Foundation, a privacy group, said the FBI's shift "means they
realize their first strategy wasn't working." She added, "By
shifting the conversation to a 'business model,' they may think
they have more leverage against those people."
When the U.K. recently proposed giving officials more power to
monitor communications, Apple fired back with a lengthy response
saying the plan would threaten the security of millions of people's
data.
Mr. Comey isn't the only law enforcement leader seeking to
re-energize the effort to allow investigators pierce encryption in
the wake of the terror attacks in Paris and San Bernardino,
Calif.
In a lengthy report on the issue in November, Manhattan District
Attorney Cyrus R. Vance Jr. argued, "Apple and Google are not
responsible for keeping the public safe. That is the job of law
enforcement. But the consequences of these companies' actions on
the public safety are severe."
Officials at Google declined to comment.
A year ago, senior Justice Department officials met with Apple
lawyers and laid out concerns about "end-to-end" encryption, which
makes it impossible for authorities to scrutinize the content of
encrypted exchanges.
The meeting followed a decision by Apple to make end-to-end
encryption a default setting for some features on its new iPhones.
Google announced a similar move around the same time for its
Android cellphone operating system, with both companies saying they
were focused on protecting their customers' privacy.
At the meeting, government officials raised the specter of a
child's murder going unsolved because a suspect's or victim's phone
couldn't be accessed. That infuriated the Apple lawyers and widened
the gulf between the two sides, according to people familiar with
the discussions. Tempers have cooled since then, but the policy
differences remain.
Government officials acknowledge it may be hard to find a case
where encryption indisputably prevented the thwarting of a deadly
attack. Even where terrorists have used encrypted communications,
they say, they generally also have engaged in unencrypted exchanges
that law enforcement could monitor.
The problem of suspects "going dark" isn't that investigators
see nothing of what an individual does, but that they see far less
of it, making it harder to know if an attack may be in the offing
and try to prevent it beforehand, officials said.
Terrorism has made encryption a hotter issue, but police have
long complained that it can interfere with investigations of an
array of crimes. Some officials cite a 2012 federal appeals court
ruling related to a child-pornography case as an example of how
encryption can enable dangerous criminals to remain free.
In that case, investigators noticed an individual was using
Internet connections at California hotels to access and share
videos of child molestation. When they cross-checked the hotels'
registries for those dates, a single name came up. Authorities
seized the man's computers and hard drives, but all the data was
encrypted. He was ordered to enter the password to the devices but
he refused and was jailed for contempt of court.
An appeals court eventually ruled the man couldn't be forced to
provide a password, because to do so would have infringed his Fifth
Amendment rights against self-incrimination. That forced
prosecutors to drop the case and the man wasn't charged.
Write to Devlin Barrett at devlin.barrett@wsj.com
(END) Dow Jones Newswires
December 29, 2015 19:55 ET (00:55 GMT)
Copyright (c) 2015 Dow Jones & Company, Inc.
BlackBerry Ltd. (NASDAQ:BBRY)
Historical Stock Chart
From Mar 2024 to Apr 2024
BlackBerry Ltd. (NASDAQ:BBRY)
Historical Stock Chart
From Apr 2023 to Apr 2024