On July 8th, FBI Director James Comey and U.S. Deputy Attorney General Sally Yates testified before the Senate Judiciary Committee regarding the government’s growing difficulty in obtaining electronic data. Both Comey and Yates told the Committee that even with a court order or warrant, law enforcement is unable to unlock encrypted data, effectively leaving them “in the dark” when pursuing criminals. Neither went so far as to offer a solution to this problem, but as part of their testimony both suggested requiring developers to build “backdoors” into their software—thereby giving law enforcement agencies access, making their jobs easier.
This idea is as misguided as it is recycled. Mandatory backdoors that enable access into otherwise encrypted networks, systems, apps, and data has been refuted for years. Technologists, civil libertarians, consumer groups, and other government agencies including the FTC, State Attorneys General and—yes—even the FBI, have pushed for further data protection.
For several years, consumer protection officials and law enforcement have encouraged (often to the point of demanding) consumer data be protected at all costs. Responding appropriately to marketplace and government forces, developers and industry stakeholders regularly provide and promote encryption tools that ensure personal information and communications remain private.
The suggestion that developers compromise their ongoing efforts to strengthen encryption technologies undermines their work, consumers' confidence, and law enforcement’s credibility. Substantial and widespread privacy practices are standard in today’s global, digital marketplace. Vulnerable software is bad for innovation, bad for business and bad for consumers.
Law enforcement has an obvious interest in prosecuting crime and protecting Americans, but creating encryption vulnerabilities that will enable more identity theft and cause more consumer harm is the wrong solution. As national security agencies ask for the key to unlock doors inside otherwise encrypted technologies, Congress should insist they utilize the already well-established legal methods to access data before mandating backdoors into apps, digital products and digital services. The industry and American consumers should not be required to hand over the keys to personal data.
View the hearing and learn more about the encryption debate:
The Apps Alliance