For years, American law enforcement agencies, led by the FBI, have been petitioning the government for a mandated backdoor into encrypted communications. This has come up again as FBI Director Christopher Wray connected encrypted communications to the attack on the United States Capitol on January 6th in testimony to the Senate Judiciary Committee.
However, despite pointing towards this recent incident, Wray has made similar requests to Congress in 2020 and 2019. It seems clear that this request is not based on any newly recognized threat but a part of law enforcement’s long-held view of encryption as a barrier.
Does law enforcement have the tools it needs to deal with encryption?
Law enforcement agencies around the country are already able to access various forms of encrypted communications, including getting through many phone lock screens as well as accessing unencrypted communication metadata. This information reveals which parties sent and received messages and when, even for secure communications such as encrypted email.
Many of the processes law enforcement agencies use to unseal encrypted information are considered too expensive or time-consuming. However, these processes are already in use for even low-level crimes, including graffiti, shoplifting and public intoxication, according to a report from the technology justice nonprofit Upturn. The idea that these processes are too elaborate or costly to use even in counterterrorism operations when they’re routinely being used for minor offenses seems counterintuitive.
What role should encryption play in the future?
End-to-end encryption is typically presented to consumers and businesses as a matter of professional and personal security. Encryption is used for keeping sensitive personal information such as an individual bank account login safe, as well as larger industry standards such as sending sensitive medical or legal documents via email.
As more communications move online, as so many have by necessity in the past year, it only becomes more important that people have access to the highest levels of cybersecurity in their professional and personal lives. Cybersecurity experts have expressed concern that any backdoor opens up potential weaknesses for the multitudes of data transmitted every day that depends on trustworthy encryption.
“Any method that gives third-party access to encrypted data is a backdoor, a vulnerability that weakens the security and privacy millions of Americans rely on each day, including members of our armed forces,” said Ryan Polk, a senior policy adviser with global nonprofit the Internet Society.
The FBI is arguing for special access to secured data — however, cybersecurity experts continue to warn this special access could be created in a way that wouldn’t similarly weaken security against bad agents. As more sensitive communications move online, cybersecurity remains an arms race against hackers, so many cybersecurity experts are wary of weakening these defenses at this pivotal moment.