To stop terrorists and other criminals, cell phones should have encryption backdoors to enable US government surveillance, argues FBI Director James Comey. After one year on the job, Comey outlined his vision for the future of the FBI, including a bigger focus on cyber and the creation of a new intelligence office within the bureau.
Cell phone encryption will prevent the federal government from stopping terrorists and child molesters unless the government is given special access, Federal Bureau of Investigation Director James Comey told.
Comey, who noted that "both real-time communication and stored data are increasingly encrypted," said that the trend by service providers to encrypt their customer data could prevent the government from lawfully pursuing criminals. "Justice may be denied, because of a locked phone or an encrypted hard drive," Comey said in his prepared remarks at the Brookings Institute. He explained that while Communications Assistance for Law Enforcement Act (CALEA) from 1994 mandated that telephone companies build wiretapping backdoors into their equipment, no such law forces new communication companies to do the same. However, he didn't mention that CALEA was expanded from its original mandate to include broadband Internet and Voice over Internet Protocol (VoIP) systems like Skype in 2004.
"We aren't seeking a back-door approach," Comey said, referring to a common term for encryption that has been intentionally weakened. "We want to use the front door, with clarity and transparency, and with clear guidance provided by law," including court orders, he said. The spying scandal that kicked off when former National Security Agency contractor Edward Snowden leaked classified surveillance documents has seen tech titans including Apple, Google, Yahoo, Microsoft and Facebook scramble to build tougher encryption into their products. Google's Eric Schmidt warned that the spying will "break the Internet."
While evoking imagery of children at play and innocents exonerated of false accusations thanks to FBI investigations unencumbered by encryption, Comey derided concerns by the tech community that weakening encryption made devices more susceptible to cyber-criminal attacks. He acknowledged that "adversaries will exploit any vulnerability they find," but that those exploits introduced by a backdoor could be mitigated by "developing intercept solutions during the design phase," he said.
Cryptography expert and University of Pennsylvania professor Matt Blaze disagreed with that assumption. Comey's speech, he said on Twitter, "didn't merely dismiss or minimize the technical risks of back doors, it completely ignored them." Christopher Soghoian, the American Civil Liberties Union's principal technologist on its Speech, Privacy and Technology Project, said that Comey's insistence on weakening encryption opens the data to "foreign governments and criminals," he said, "whether you call it a 'front door' or a 'back door.'" Soghoian noted in a blog post from 2010 that CALEA explicitly protects the right of a telecommunications company to build encryption to which only the customer possesses the cryptographic keys.
Comey's speech appears to want to change that. The FBI didn't return a request for comment. Google declined to comment specifically on Comey's statements, but reiterated its support for encryption. "People previously used safes and combination locks to keep their information secure -- now they use encryption. It's why we have worked hard to provide this added security for our users," a Google spokesperson said. Apple didn't respond to a request for comment.