Backdoors to Encryption

surveillance eye map with binary code

As encryption has become a common facet of modern technology, the laws governing privacy and law enforcement’s access to information has struggled to keep pace. The most current law governing email privacy dates to 1986, and with numerous failed attempts to update it. Many smartphones now come with encryption enabled by default. Apple famously fought the FBI in court in the case of a terrorist attack in San Bernardino in 2015, and refused the FBI’s request for assistance in obtaining data from an encrypted iPhone used by the suspect. Even prior to the San Bernardino case, current FBI director James Comey advocated for a “backdoor” to encryption so that law enforcement could have access to data related to criminal investigations.

The debate about a possible backdoor for encryption is again in the headlines. Director Comey restated his support of law enforcement gaining access to data during investigations during a conference on cybersecurity hosted by Boston College in early March. In his remarks, Director Comey said that “there is no such thing as absolute privacy in America”.

Despite the FBI and other enforcement agencies’ push for backdoors into encrypted data, several prominent former government employees strongly oppose the idea, including Gen. Michael Hayden (Ret.), the former head of the CIA and NSA. Over the last several years, the debate has increased in prominence in the news, and each side has published a slew of papers and articles to defend their viewpoint.

Technical experts agree that it is not possible to enable a backdoor into an encryption scheme without fundamentally weakening the system. Noted security researchers Bruce Schneier, Whitfield Diffie, and Matthew Green were just three of several authors of a paper in 2015, which outlined the technological problems of law enforcement’s proposals for access, and the consequences for privacy and the rule of law. More recently, Bruce Schneier co-authored a paper outlining possible workarounds that law enforcement officials could use in investigations, instead of weakening encryption.

On the other side, law enforcement at both the local and federal levels have outlined the difficulty in investigating crimes when encryption is used. Between the oft-repeated support of Director Comey for access to encrypted data, to documents like the one produced by the Manhattan District Attorney’s Office about smartphone encryption and public safety, alarm bells are going off with every app that upgrades its encryption scheme.

The debate about how to best preserve strong encryption and privacy, while allowing law enforcement officials access to data that is crucial to investigations and national security will certainly continue for some time.