A bipartisan pair of lawmakers are nearly ready to introduce legislation that would create a congressional commission on encryption, they told reporters in a conference call on Tuesday.
“The idea of having a debate about a backdoor into encryption could have happened fifteen years ago, but now the horse is [out of] the barn. … I don’t believe there’s a single silver bullet in a legislative way,” said Sen. Mark Warner, D-Va.
Warner was joined on the call by House Homeland Security chair Michael McCaul, R-Texas, who called the issue “one of the greatest challenges to law enforcement” in his lifetime. He said the Digital Security Commission he was seeking to propose with Warner would set “a tight time frame” to provide Congress with recommendations what he said was an “urgent, and I think very challenging threat to our national security.”
“We’re trying to get to a place where we can get to a solution,” McCaul said, though he did not provide a timeline.
Related Story: http://www.washingtonexaminer.com/article/2578808
McCaul has generally been critical of encryption technology. In November, he called it security’s “biggest threat today,” and he has suggested it may have contributed to recent terrorist attacks carried out around the globe. Warner disagreed however, saying a “backdoor into encryption” is not likely.
A “backdoor” refers to the idea that companies should keep “encryption keys” on hand to allow them to access data held by their customers in the event federal authorities request it. Those who oppose such an approach point out that plenty of encryption technology exists outside of America’s borders, beyond the purview of regulators in Washington.
In December, McCaul penned an editorial with Warner that suggested an evolving perspective, or at least a change in rhetoric. “Frustratingly, there are no easy answers,” the pair wrote. “The same tools that terrorists and criminals are using to hide their nefarious activities are those that everyday Americans rely on to safely shop online, communicate with friends and family, and run their businesses.”
“As a result, digital innovations present us with a paradox. We are no longer simply weighing the costs and benefits of ‘privacy vs. security’ but rather ‘security vs. security,'” they added.
To date, officials have pointed to just one terrorist who may have used encryption to nefarious ends. That was a perpetrator in a May attack in Garland, Texas, who exchanged 109 encrypted text messages with someone overseas prior to the attack against an “Everybody Draw Mohammad Day” exhibition.
Lawmakers have nonetheless worried that unbreakable end-to-end encryption technology, used in popular applications like Apple’s “iMessage” and Facebook’s “Whatsapp,” could be used for malevolent purposes in the future. Senate Intelligence Committee chairman Richard Burr, R-N.C., and Ranking Member Dianne Feinstein, D-Calif., have said they plan to introduce their own bipartisan legislation, effectively to ban end-to-end encryption.
Related Story: http://www.washingtonexaminer.com/article/2580790
Yet with the landscape evolving rapidly in terms of both technology and terrorism, it remains to be seen how the regulatory effort will play out. Last week, counterterrorism analysts with the Ghost Security Group reported discovering that elements within the Islamic State appeared to have developed their own “rudimentary” application for sending encrypted text messages. That development could substantially diminish the relevance of any regulatory solutions being sought by lawmakers.
