White House poised to issue encryption policy
The Obama administration is poised to unveil its long-term policy vision on encryption amid a global debate sparked by the recent terror attacks in Paris and San Bernardino, Calif.
Privacy advocates are urging the White House to take a strong stand in favor of encryption technologies, which protect online policy by preventing anyone — including law enforcement — from accessing private data.
{mosads}The FBI and other law enforcement agencies have called for guaranteed access to all encrypted communications. Without access, terrorists might freely be able to communicate, they have argued.
It’s not clear where the administration will come down on the issue when it releases its policy statement, which is expected to explain what role the government should — or shouldn’t — play in regulating encryption.
Publicly, the White House says it supports the use of strong encryption but understands the concerns raised by law enforcement. For the time being, officials have backed away from endorsing any legislative effort or mandate on tech companies.
Whatever the administration decides in the coming weeks is likely to have a major effect on the decisions made by other governments.
“I think it’s enormously important because America does often set the standard in many areas,” said Rep. Ted Lieu (D-Calif.), one of Congress’s most prominent voices on encryption. “I hope the White House will continue to push back against efforts for government to mandate backdoors into encryption systems.”
Both sides have leaned on the White House to take a clear stance since the terror attacks in Paris and San Bernardino, which together claimed nearly 150 lives.
The administration has been researching the topic, soliciting public comments and meeting with advocates on both sides of the debate.
Law enforcement officials want companies to decrypt data upon request, a process the tech community claims would weaken encryption.
A number of governments have sided with law enforcement. Britain, China, France and India have all either passed or are considering bills that critics say could restrict encryption.
But privacy advocates and technologists are hoping the United States will follow the Netherlands, which last week took the world’s strongest stance in favor of robust encryption in recent years.
The Dutch government announced it would reject any legislation that affected encryption, months after the country’s Parliament donated money to open-source encryption research. The move will let companies retain their ability to create devices with unbreakable encryption that locks out even law enforcement officials.
No other government has gone as far as the Dutch. But experts say if the U.S. joins the Netherlands, it could shift global momentum on the issue.
“We do seem to be at a tipping point in the evolution of the Internet,” said Kevin Bankston, director of New America’s Open Technology Institute, who attended a December sit-down on encryption policy with top White House cybersecurity and technology officials.
On Monday, hundreds of technologists, privacy advocates and industry groups appealed to governments worldwide to disavow any policy that could infringe on people’s ability to use robust encryption.
“Encryption tools, technologies and services are essential to protect against harm and to shield our digital infrastructure and personal communications from unauthorized access,” read an open letter signed by 195 experts, academics, organizations and companies in over 40 countries.
Those behind the coalition view the Dutch government’s move last week as a possible turning point. The Netherlands could open the door for other governments to similarly reject any encryption-related legislation, they said.
“It’s actually really important how strong their statement was,” said Amie Stepanovich, U.S. policy manager at digital rights advocate Access, which helped organize Monday’s letter.
“It is possible this is the strongest government statement in favor of not interfering … since the White House itself in 1999,” added Bankston, referencing the Clinton administration’s decision to drop any potential regulation of the export of strong encryption technology.
Some believe the White House might join the Hague. They note that the White House recently dropped its proposals to mandate that law enforcement have access to encrypted devices.
“I hope this White House comes out and strongly says how encryption is important for our own national security and it’s important for our economy,” said Rep. Will Hurd (R-Texas), a former CIA agent specializing in cybersecurity operations who now chairs the House Oversight Committee’s subpanel on information technology. “We need to be looking at ways to strengthen, not weaken it.”
The world needs “global leadership on this issue,” Bankston said, “as we see more countries trying to move in the direction of trying to criminalize or otherwise interfere with encryption.”
But the White House faces similar pressure from a number of other sides.
Senate Intelligence Committee Chairman Richard Burr (R-N.C.) is leading a bipartisan charge for a bill that would require companies to maintain an encryption key that can unlock secure data when compelled by a warrant.
House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark Warner (D-Va.) want to form a commission on technology challenges for law enforcement that would investigate other alternatives to help investigators access locked data.
Rep. Jim Langevin (D-R.I.), who co-chairs the Congressional Cybersecurity Caucus with McCaul, would like to see the White House back the commission proposal.
“I think a commission at this point could be helpful in making sure that all the stakeholders have a seat at the table,” Langevin told The Hill. “Maybe not everyone’s going to be 100 percent happy, but I know the status quo is not acceptable.”
Copyright 2023 Nexstar Media Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed. Regular the hill posts