FBI Director James Comey said Thursday that the recent movement toward default encryption of smartphones and other devices could “lead us to a very, very dark place.” Echoing comments made by law enforcement officials for the last several decades, Comey said that the advanced cryptosystems available today threaten to cripple the ability of intelligence and law enforcement agencies to gather vital information on criminals.
Speaking at an event at the Brookings Institute in Washington, D.C., Comey discussed the challenges that strong encryption present to law enforcement agencies, specifically when it comes to lawful interception of cell phone communications. Recent changes by Apple and Google to their mobile operating systems have introduced the ability for iPhones and Android devices to be encrypted by default. The big issue, however, is that the companies don’t hold the encryption keys, so they can’t decrypt users’ devices, even when presented with a court order or warrant.
Comey said that he understands users’ desire for security and privacy, but that those needs shouldn’t come at the expense of national security or law enforcement.
“We are not seeking to expand our ability to intercept communications. We are struggling to keep up,” he said. “Encryption threatens to lead us all to a very, very dark place. The place that this is leading us is one that I would suggest we shouldn’t go without careful thought and public debate.”
Privacy advocates and security experts have lauded the moves by Apple and Google as being good for consumers, many of whom wouldn’t necessarily go out of their way to enable encryption on their own. But Comey said that the presence of strong encryption on mobile devices will hamper criminal investigations.
“Law enforcement needs to be able to access communications in a lawful way in order to bring people to justice,” he said. “Those charged with protecting our people aren’t able to access the evidence we need even with lawful authority.”
Comey also indicated that the revelations of the NSA’s capabilities made by Edward Snowden has had the effect of turning public sentiment against the government on topics of surveillance, privacy and security.
“The prevailing view is that the government is sweeping up all of our communications. That is not true,” he said. “Some believe that the government and the FBI especially has these phenomenal communications capabilities. That’s the product of too much TV.”
The increased use of strong encryption has been an issue for law enforcement and intelligence agencies for decades, since the advent of readily available programs such as PGP. United States officials have sought to control the export of encryption tools, classifying them as munitions, and have forwarded various schemes such as key escrow to make decryption keys available to law enforcement. Security experts always have argued that the existence of such keys would fatally weaken any encryption system. Comey said that the FBI isn’t looking for a built-in vulnerability or trap door in iOS or Android to enable lawful access, but instead wants the same kind of access it has had to telecommunications systems for years through CALEA.
“We are not seeking a backdoor approach. We are completely comfortable with court orders and lawful authority,” he said. “With sophisticated encryption, there may be no solution at all, leaving us at a dead end. Even with a supercomputer, we would have difficulty with today’s high-level encryption.”