The comments are just the latest example of top Obama administration officials offering conflicting views on how to address the growing use of encryption, which can thwart both law enforcement agents and criminals from gaining access to sensitive data.
FBI Director James Comey ignited the debate over encryption with a speech in 2014, in which he warned that criminals are increasingly “going dark” from government surveillance.
The FTC is an independent agency, so McSweeny isn’t required to be in lockstep with the FBI or any other part of the executive branch. The commission regulates consumer-protection issues, including privacy and data security. But McSweeny is not the only official to express concerns with policies that could weaken encryption.
Even National Security Agency Director Mike Rogers said last week that “encryption is foundational to our future” and that undermining encryption could lead to more massive hacks, like the breach of millions of federal records at the Office of Personnel Management, which was allegedly conducted by Chinese hackers. “Spending time arguing about, ‘Hey, encryption is bad and we have got to do something about it’—that is a waste of time to me,” Rogers said in a discussion at the Atlantic Council.
As the head of the NSA, Rogers has competing interests when it comes to cybersecurity. Strong “end-to-end” encryption, in which messages are inaccessible even to the tech companies transmitting the data, makes it harder for the NSA to conduct surveillance. But the NSA’s mission is also to protect U.S. networks from foreign hackers—a job that’s made easier by stronger security measures.
That tension between ensuring legal government access to data while keeping out hackers is at the heart of the administration’s conflicted approach to encryption. Most technology experts warn that any “backdoor” for government access can, at least in theory, also be exploited by hackers.
After a lengthy internal deliberation, the White House concluded last year that it would not ask Congress to pass legislation ensuring government access to encrypted data. Instead, the White House is focused on working with tech companies to try to find some other voluntary solution to address the issue. Senior administration officials, including White House Chief of Staff Denis McDonough, met with CEOs of major tech companies in San Jose, California earlier this month to discuss encryption (among other issues).
But the White House’s decision hasn’t settled the debate in Congress. Senate Intelligence Committee Chairman Richard Burr and ranking member Dianne Feinstein are working on legislation to force tech companies to comply with court orders for data. Sen. Mark Warner, a Virginia Democrat, and House Homeland Security Chairman Michael McCaul, a Texas Republican, want to take a more cautious approach and create a commission to study the issue more thoroughly.
For the proponents of government access to data, the terrorist attacks last year in Paris and San Bernardino added even more urgency to the debate. Speaking at Monday’s tech conference, the Justice Department’s Caldwell said that a shooter in Garland, Texas last year sent more than 100 text messages to an overseas terrorist.
“We have no idea what he said because it was encrypted,” she said. “That is a big problem. We have to grapple with it.”