As Encryption Debate Gets Fiercer, Silicon Valley And D.C. Collide

The two sides aren't exactly seeing eye to eye after the Paris attacks.

The drum beat in Washington is growing for tech companies and politicians to come to some kind of agreement on encryption.

In the wake of the Paris attacks last week, the White House on Thursday invited executives from Silicon Valley technology companies to come to Washington and talk more about concerns that terrorists are evading capture by using encrypted devices or services made or operated by American companies.

The tech industry has argued in the past that encrypting data and network connections keeps data private and people safe and secure against criminals and autocratic governments.

Despite a lack of clarity regarding how or even whether the Paris attackers used encryption to cover their tracks, U.S. lawmakers, intelligence officials and The Washington Post editorial board want U.S. technology companies to find a way to give law enforcement access to user data on encrypted devices and services.

An operational security manual obtained by the Combating Terrorism Center at West Point shows that members of the self-described Islamic State -- which took credit for the shootings and suicide bombings in Paris -- are using a variety of encrypted apps and services to try to evade surveillance and military intelligence agencies. While some of this tech is made in the U.S., not all of it is.

As the New York Times reported in October, however, the Obama administration decided it would not seek access to encrypted data from U.S. tech companies.

In doing so, the White House sided with the technologists who have repeatedly testified to Congress and the public that it's not possible to provide U.S. law enforcement access without also creating a vulnerability for other nation states and criminals to exploit.

To put it another way, the people who research and build IT security systems for a living say a "secure backdoor" is an oxymoron. Meanwhile, the leaders of tech companies -- which employ these IT professionals to secure the services and devices they sell -- are backing up that position.

“I don’t know a way to protect people without encrypting,” said Apple CEO Tim Cook, at the WSJD Live technology conference in October. “You can’t have a backdoor that’s only for the good guys.”

Despite all of that context, the Paris attacks have now brought the issue of domestic surveillance into the presidential race. In an appearance at the Council on Foreign Relations in New York on Thursday, Democratic presidential hopeful Hillary Clinton called for a resolution to the debate on encryption, encouraging the public and private sector to try harder.

“We need Silicon Valley not to view government as its adversary,” said Clinton. “We need our best minds in the private sector to work with our best minds in the public sector to develop solutions that will both keep us safe and protect our privacy.”

As secretary of state, Clinton supported funding Internet freedom technologies that made safe, secure communications available to more democratic activists and journalists around the world, enabling them to evade online crackdowns and bear witness to history.

In 2015, the U.S. State Department doubled down on these programs, spending millions on Internet freedom technologies that enable people to circumvent censorship, keep their identity anonymous and rebuff denial-of-service attacks.

That's another reason technology companies have improved the strength of the encryption in their products: There's a market demand for technology that protects your privacy and keeps sensitive, confidential data secure.

"National security always matters, obviously, but the reality is that if you have an open door in your software for the good guys, the bad guys get in there too" Cook told NPR in October. "Think about what happened here in [D.C.] with ... literally tens of millions of employees of the government getting their data stolen. And so we think that our customers want us to help them keep their data safe."

Suggest a correction