White House and congressional staffers have asked Silicon Valley executives for new talks in Washington, D.C., to resolve a standoff over encrypted communication tools in the wake of the Paris terrorist attacks, people familiar with the matter said.
The approaches are among the most concrete signs of how last week’s bombings and shootings have put a new spotlight on the debate about whether American companies should be allowed to offer ultrasecure messaging tools.
There is no evidence the Paris attacks have changed technology companies’ view that strong encryption protects consumers, and that providing a way for police to eavesdrop would open the door to exploitation by criminals and repressive governments. Late Thursday, the Information Technology Industry Council, whose members include Apple and Microsoft Corp. , said in a statement, “Weakening security with the aim of advancing security simply does not make sense.” But Apple Inc., Google parent Alphabet Inc., Facebook Inc. and others face a difficult public-relations dance, because executives don’t want to be seen as brushing off the implications of a tragedy.
“It’s not the ideal time to be out there touting the benefits of encryption,” said an attorney who has worked on encryption issues. There is no evidence Islamic State attackers in Paris relied on scrambled communications. Some used run-of-the-mill text messages, which can be easily monitored if a suspect is known, according to French media reports. The Paris attacks came amid an 18-month feud between Washington and Silicon Valley that began when Apple and Google released new smartphone software that the companies said they cannot unlock, even if faced with a court order.
Top U.S. law-enforcement officials have said the software would cripple some criminal investigation. Talks aimed at ensuring law enforcement access to certain messaging systems and devices reached a stalemate in the fall. Unwilling to dictate product specifications to some of the nation’s most successful companies, the administration decided not to push for a change in law.
The Paris attacks may complicate efforts to reach a near-term compromise. “There is a solution out there and there’s a way to get to it but this isn’t the month to be starting down that path,” said James Lewis, a cybersecurity expert and former Clinton administration official who has consulted with tech companies and government. He and the Center for Strategic and International Studies, where he is a senior fellow, had planned a forum on encryption policy this fall. After the Paris attacks, he postponed it.
Since Paris, Sens. John McCain, Dianne Feinstein, and other lawmakers have said they want to ensure investigators can access the content of encrypted communications. Mr. McCain has said he wants to pursue legislation. Apple has said it would never build a government backdoor into its products, because doing so would create security vulnerabilities that can be exploited by criminals. On its website, Apple says encryption protects trillions of online transactions daily and eliminating it would expose people to many risks.
“I don’t know a way to protect people without encrypting,” Apple Chief Executive Tim Cook said last month at technology conference. “You can’t have a backdoor that’s only for the good guys.” Rachel Whetstone, former head of communications and public policy at Google, said in February that governments don’t have and should not get backdoors to access Google user data because the company has a duty to keep users’ information private. A person familiar with the company’s thinking said Google’s views on encryption haven’t changed.
Even if Apple and Google could be convinced to cooperate, tech executives say there are dozens of other encrypted communication systems. Most encryption techniques are publicly known and terror organizations could build their own alternatives, they said. “The cat is already out of the bag,” added one executive.
One technology executive acknowledged mixed feelings. “While I continue to feel that outlawing end-to-end encryption would be both ineffective and a slippery slope for society, I’m also aware that I have limited knowledge of all the scary things happening in the world today,” said Ted Livingston, chief executive of Kik Interactive Inc., developer of the Kik Messenger messaging application.
The Waterloo, Ontario, company’s app doesn’t store the content of messages on the company’s servers. That means, the company says, it can only give authorities data on users, not transcripts of what they say to each other. It faced some negative publicity following reports in The Wall Street Journal and elsewhere that Islamic State operatives see this feature as advantageous and use the app.