FBI boss: No encryption backdoor law (but give us backdoors anyway)

Let's keep this little matter private, eh, says Uncle Sam

President Obama will not push for laws requiring tech companies to cripple their encryption systems with backdoors, FBI boss James Comey has said.

But – and you knew a but was coming – the United States government will continue to lean heavily on American giants to plant backdoors in their systems.

Speaking at a Homeland Security and Governmental Affairs Committee in the US Senate on Thursday, FBI director Comey said: "The administration has decided not to seek a legislative remedy now, but it makes sense to continue the conversations with industry."

You can read Comey's testimony to the committee here [PDF].

The FBI boss had demanded portholes in encryption technology that would allow cops and g-men to snoop on people and crack the encryption on their gear. Then in September this year, it emerged the Obama administration was uneasy with putting into law requirements for backdoors in computer systems. Yet it was clear from leaked documents that officials were keen to persuade US tech companies to go along with the idea anyway. The decision to drop mandatory access was made on October 1, we're told.

"As the President has said, the United States will work to ensure that malicious actors can be held to account — without weakening our commitment to strong encryption,” said National Security Council spokesman Mark Stroh.

"As part of those efforts, we are actively engaged with private companies to ensure they understand the public safety and national security risks that result from malicious actors’ use of their encrypted products and services."

Our understanding is that the Feds are dying to gain access to your encrypted data-at-rest. It can yield good, solid evidence. Agents already have ways to lawfully intercept communications, more or less, so the next logical step is go after encrypted storage.

In other words, the Feds want to be able to forcibly decrypt the messages and files stored in your smartphone and on your PC. Whatever encryption software you use to protect your file systems, the US governments wants some kind of skeleton key to unlock those secrets if you refuse to or are unable to comply.

Of course, if the Feds can pick the lock on your device or computer, so can, in theory, criminals, hackers, and other miscreants. In effect, by demanding these government-friendly backdoors, the FBI seeks to completely ruin the security of encryption systems.

Tech companies will continue to face pressure to hamstring their products despite the White House backing away from asking the US Congress to pass laws that require crypto-weakening backdoors.

Perhaps this is because politicians don't understand that adding a backdoor blows the whole thing apart, rendering the encryption worthless – it's not something that can be switched on for an investigator and switched off at all other times. Either the system is secure or it's flawed.

In any case, it is clear the administration, and Uncle Sam's g-men, do not want this lobbying and arguing to take place in public, before the Senate and the House. No, far too messy. Much better for them to turn the screws in private, behind closed doors, with tech giants who may or may not change their minds on safeguarding your privacy.

"[Twitter, Facebook and Google] quite uniformly are opposed to any mandate or pressure — and more than that, they don’t want to be asked to come up with a solution,” Rep. Adam Schiff (D-CA) told the Washington Post. ®


Biting the hand that feeds IT © 1998–2017