Andrew C. McCarthy: What Americans Need to Know About the Encryption DebatePosted: December 1, 2015
In the surveillance area, I believe the public is mostly wrong.
Andrew C. McCarthy writes: Should private companies that provide users with encryption technology be required to assist law-enforcement and intelligence services to defeat that technology? This question is a more pressing one in the wake of November’s Paris terrorist attacks. But it is a very tough question that has vexed both the government and providers of communications services for years.
“The problem is that encryption technology has gotten very tough to crack and very widely available. Consequently, if terrorists or other high-level criminals are using it to carry out schemes that endanger the public, government agents cannot penetrate the communications in real time.”
Part of what makes it so difficult is the new facts of life. As I noted during the debate over the NSA’s bulk-collection of telephone metadata, we are operating in a political environment that is night-and-day different from the aftermath of 9/11. Back then, a frightened public was demanding that the government do a better job of collecting intelligence and thwarting terrorist plots. Of course that sentiment was driven by the mass-murder of nearly 3,000 Americans, coupled with the destruction of the World Trade Center and a strike against the Pentagon. But it also owed in no small measure to the fact that government had done such an incompetent job gathering and “connecting the dots” prior to the attacks. There was a strong public sense that intelligence agencies needed an injection of muscle.
“That they have a legal basis to conduct surveillance is beside the point; all the probable cause in the world won’t help an agent who lacks the know-how to access what he’s been authorized to search.”
Today, the public’s sense tends in the other direction. There have been spectacular abuses of government power (e.g., IRS scandal), and intrusive security precautions infused by political correctness (e.g., airport searches). Americans understandably suspect that government cannot be trusted with enhanced authorities and that many of its tactics are more about the appearance of security than real security.
It is, moreover, no longer sufficient for the national-security right to posit that security measures pass legal muster. The public wants proof that these measures actually and meaningfully improve our security, regardless of whether they are justifiable as a matter of law.
This makes it a very uphill environment in which to suggest, as FBI Director Jim Comey has recently done, that communications providers should provide the government with keys to unlocking their encryption technology – encryption-key repositories or what is often called “backdoor” access.
The problem is that encryption technology has gotten very tough to crack and very widely available. Consequently, if terrorists or other high-level criminals are using it to carry out schemes that endanger the public, government agents cannot penetrate the communications in real time. That they have a legal basis to conduct surveillance is beside the point; all the probable cause in the world won’t help an agent who lacks the know-how to access what he’s been authorized to search.
At the excellent Lawfare blog, there is a good piece by Matt Waxman (a Columbia law prof and former government security official) and Doron Hindin (an expert in Israeli security law now studying at Columbia) on how Israel regulates encryption. What is most interesting about it is that while Israel has extensive laws requiring business to cooperate with the government, the system is marked by lax enforcement; yet, it appears to work well nonetheless.
Why? Because there is no real doubt about the existential threat Israel faces; there is a generally good relationship between the government and hi-tech innovators….(read more)
Source: PJ Media