In the wake of the attacks in Paris and San Bernardino, FBI director James Comey has called on tech companies to stop "by defaut" end-to-end encryption -- so that the FBI can monitor communications again. Comey wants companies like Apple to be able to intercept private messages and hand them over to law enforcement.
Companies that offer end-to-end encryption have argued that they can't physically decrypt communications -- nor would they want to. And that their customers want the security of encryption. But Comey doesn't buy this. "It's not a technical issue," Comey said, addressing the Senate Judiciary Committee. "There are plenty of companies today that provide secure services to their customers and still comply with court orders. There are plenty of folks who make good phones and are able to unlock them in response to a court order. In fact, the makers of phones that today can't be unlocked, a year ago they could be unlocked."
For Comey, it's a business problem. Tech companies have adopted end-to-end encryption because they think it's what their customers want. And they're working on improving their encryption to fight off the competition.
Rights groups have spoken out against Comey's argument that encryption is a business rather than technical problem.
In a response post on the Electronic Frontier Foundation's site Andrew Crocker expressed fear that the FBI will use "backroom pressure to make companies compromise encryption, or even eliminate business models it doesn't like."
Crocker continued that cryptographers are "unanimous" in their contempt for encryption with backdoors. "Designing their tools in the way that Comey wants will have potentially disastrous effects on user security," Crocker wrote.
It's probably true that customers have had an interest in secure communications since Edward Snowden's revelations about the NSA and GCHQ. But Comey doesn't believe so. Twelve months ago customers bought iPhones and used WhatsApp, knowing that their communications weren't secure, he said.
That said, some tech firms have been moving towards encryption since before the Snowden leaks. FaceTime has been end-to-end encrypted since 2010, and Apple instant messaging since 2011. Both features were added without drawing significant attention to the security.
Tech companies have so far been receptive to the FBI's requests, Comey continued. But at the end of November -- after the Paris attacks -- Apple, Facebook and Google issued a call for encryption protections. "We deeply appreciate law enforcement's and the national security community's work to protect us, but weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys," wrote Dean Garfield, president of the Information Technology Industry Council, who issued the call on behalf of 56 technology companies.
Comey's request isn't new. The FBI and CIA directors, alongside other US government departments, have expressed their concerns about "Going Dark" before. "The United States government is actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors' use of their encrypted products and services," said Comey.
A similar battle is being fought in the UK -- the draft Investigatory Powers Bill wants communications companies to be able to decrypt messages when they are asked for with a warrant.
This article was originally published by WIRED UK
