The debate over the government’s authority to access private encrypted data on digital devices was amplified Tuesday when the Federal Bureau of Investigation Director Christopher Wray called unbreakable encryption an “urgent public safety issue.”
Wray said FBI was locked out of 7,775 devices in the calendar year 2017, ending on Sept. 30. “This is an urgent public safety issue,” Wray said addressing an audience at the International Conference on Cyber Security conference.
His comments should come as little surprise and echo former FBI Director James Comey who was a staunch critic of smartphone encryption. U.S. Deputy Attorney General Rod Rosenstein made a similar argument in October stating “warrant-proof” encryption hobbles law enforcement’s ability to protect the public and solve crimes.
While Wray’s address, which covered topics such as emerging cyber threats and a FBI cyber-skills gap with the private sector, did not focus on encryption he called for update of “laws to keep pace with technology.”
“I want to wrap up by talking about two challenges connected to the digital revolution. The first is what we call the ‘Going Dark’ problem. This challenge grows larger and more complex every day. Needless to say, we face an enormous and increasing number of cases that rely on electronic evidence. We also face a situation where we’re increasingly unable to access that evidence, despite lawful authority to do so,” he said.
The speech was the latest from U.S. lawmakers expressing the opinion strong encryption is good for business and personal privacy, but with caveats.
Privacy advocates have long argued encryption backdoors and forcing tech companies to weaken encryption puts U.S. companies at a disadvantage and undermines security and privacy of users. They argue “law enforcement and intelligence agencies already have access to more data about us, our communications, and our movements than at any other time in human history,” according to past comments by the Electronic Frontier Foundation.
Wray countered smartphone metadata such as transaction data, call data and text messages to a third-party is helpful, but inadequate for prosecuting criminals. “While there’s a certain amount we can glean from that, for purposes of prosecuting terrorists and criminals, words can be evidence, while mere association between subjects isn’t evidence,” he said.
“Let me be clear: The FBI supports information security measures, including strong encryption. But information security programs need to be thoughtfully designed so they don’t undermine the lawful tools we need to keep this country safe,” he said.
He urged the private sector to work with law enforcement and “respond to lawfully issued court orders.”
In early 2016, a federal magistrate ordered Apple to help the FBI break into a San Bernardino terrorist’s iPhone 5C, which was locked with a four-digit passcode that would be automatically wiped after 10 incorrect guesses.
Apple CEO Tim Cook stood nose-to-nose with the government for close to two months, before the FBI found a still-unnamed third party to access the device.
“We’re not looking for a ‘back door’—which I understand to mean some type of secret, insecure means of access. What we’re asking for is the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause,” Wray said.
Both Apple and Google enable encryption by default on new iPhones and Android smartphones, so only the user can unlock their phone.
The Attorney General and the FBI have said in the past that congress may need to create new rules allowing law enforcement access to encrypted data or wiretap online communications when they have appropriate legal authority, such as a search warrant.
(Image credit: FBI, public domain)