Testifying before the Senate Judiciary Committee last week, FBI Director James Comey argued that data should never be transmitted or stored in a way that frustrates government snooping. Comey warned that encryption is a boon to criminals and therefore must be designed so that law enforcement agencies can decode it when the need arises.
As a panel of computer security experts pointed out in a report issued two days before that hearing, Comey's argument founders on the practical difficulties of facilitating access by government officials without facilitating access by "bad actors." Another problem: Sometimes the bad actors *are* government officials.
Comey's insistence that the world be arranged to make his job easier should sound familiar to anyone who recalls the debate over encryption controls during the Clinton administration, which wanted telecommunications companies to incorporate a wiretap-enabling "Clipper chip" into their devices. The initiative was abandoned after experts pointed out that the key escrow arrangement required by the Clipper chip was technically impractical and risky, making communications vulnerable to malicious hackers.
Many of the same experts -- including Harold Abelson, Matt Blaze, John Gilmore, Peter Neumann and Ronald Rivest -- collaborated on last week's report, which comes to similar conclusions while emphasizing that the stakes are much higher today because "the scale and scope of systems dependent on strong encryption are far greater, and our society is far more reliant on far-flung digital networks that are under daily attack." Abelson et al. conclude that proposals for "exceptional access" to encrypted data by law enforcement agencies "are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when Internet vulnerabilities are causing extreme economic harm."
In addition to the threat posed by identity thieves, blackmailers, commercial spies and saboteurs who might take advantage of the weaknesses introduced by exceptional access, Abelson and his co-authors worry about demands for encryption controls from governments that treat dissidents as criminals. Comey concedes the danger in his written testimony, saying "any steps that we take here in the United States may impact the decisions that other nations take -- both our closest democratic allies and more repressive regimes."
As the National Security Agency's illegal mass collection of our telephone records illustrates, it is not just foreign governments we need to worry about. Nor are programs aimed at catching terrorists the only threat.
Reason magazine, where I work, recently received a grand jury subpoena demanding information about readers who had reacted angrily to the life sentence imposed on Ross Ulbricht, founder of the virtual drug emporium known as Silk Road. The online comments about the federal judge who sentenced Ulbricht -- including the suggestion that some judges should be taken out and shot, another that they should instead be fed into a woodchipper, and a third saying a "special place in hell" should be reserved for them -- were crude and hyperbolic but did not by any stretch of the imagination amount to "true threats" unprotected by the First Amendment.
By Comey's logic, such harassment of harmless individuals based on their constitutionally protected criticism of government officials should never be impeded by software such as Tor, which conceals the IP addresses of speakers who want to remain anonymous. In fact, his argument suggests that publications such as Reason should be forced to allow comments only from people who submit their names, addresses and phone numbers -- just in case.
Comey wants us to focus on situations in which enlightened officials who respect the rule of law and civil liberties are seeking evidence for legitimate purposes. "Once all of the requirements and safeguards of the laws and the Constitution have been met," he says, "are we comfortable with technical design decisions that result in barriers to obtaining evidence of a crime?"
Another way of putting it: Are we comfortable with forcing technical design decisions that make sensitive information more readily available to people with ill intent, including people who happen to work for the government?