FBI Director James Comey called for a national conversation about how far tech companies should be allowed to go in applying encryption to their devices, saying law enforcement faces growing and overlapping challenges in accessing data needed to prosecute crimes.
During a speech at the Brookings Institution Thursday, Comey said the new forms of encryption being developed for mobile devices, as well as the rapid growth of the devices themselves, make it tough for the FBI to keep up with ways criminals can “go dark.”
“With going dark, those of us in law enforcement and public safety have a major fear of missing out,” Comey said. “Missing out on predators who exploit the most vulnerable among us; missing out on violent criminals who target our communities; missing out on a terrorist cell using social media to recruit, plan and execute an attack. We have seen case after case — from homicides and car crashes to drug trafficking, domestic abuse and child exploitation — where critical evidence came from smartphones, hard drives and online communication.”
Comey has been vocal over the last few weeks about the need for law enforcement to have a way into encrypted systems after tech companies like Apple Inc. and Google Inc. announced they will build encryption into the default versions of their operating systems. Comey said it was these announcements that caused him to speak out, something he has rarely done since being named FBI director in September 2013.
“[These companies] are good folks responding to a market imperative, but holy cow, where are we going?” Comey said.
Comey tried to dispel the notion that the FBI is asking tech companies to build in a universal back door for law enforcement to access, saying the bureau wants to follow the rule of law already on the books.
“We aren’t seeking a back-door approach,” Comey said. “We want to use the front door, with clarity and transparency, and with clear guidance provided by law. We are completely comfortable with court orders and legal process — front doors that provide the evidence and information we need to investigate crime and prevent terrorist attacks.”
Harley Geiger, senior counsel for the Center for Democracy & Technology, said any security vulnerability built into devices will inherently make them less safe.
“Whether you call it a back door or a front door, if we are talking about a security vulnerability in technology products, we are talking about the same thing and it’s extremely problematic,” Geiger said. “We think it will lead to greater insecurity for tech products that can be exploited by bad actors and other governments — not necessarily just the U.S. government — and that it will have a negative effect on American industry and it may not, in the end, make people considerably safer.”
Worries over security measures were echoed by Sen. Ron Wyden, D-Ore., who tweeted during Comey’s speech that he opposes any built-in back doors.
— Ron Wyden (@RonWyden) October 16, 2014
Last week, Wyden hosted a panel where top executives from tech companies said the new encryption standards were in response to the revelations brought to light regarding the National Security Agency’s surveillance practices. Facebook General Counsel Colin Stretch said during that event he would be “fundamentally surprised if anybody takes the foot off the pedal of building encryption into their products.”
Comey said Thursday the FBI’s intent isn’t to stifle innovation or undermine tech companies, but that law enforcement’s growing inability to collect vital data is too great a risk for the country.
“We have to find a way to help these companies understand what we need, why we need it, and how they can help, while still protecting privacy rights and providing network security and innovation,” Comey said. “We need our private sector partners to take a step back, to pause, and to consider changing course.”
You can read Comey’s full speech on the FBI’s website. You also can watch the full speech, plus a Q&A session, in the video below.