Justice, FBI again seek access to encrypted phone data
WASHINGTON — Federal law enforcement officials are renewing a push for a legal mandate that tech companies build tools into smartphones and other devices that would allow access to encrypted data in criminal investigations.
FBI and Justice Department officials have been quietly meeting with security researchers who have been working on approaches to provide such “extraordinary access” to encrypted devices, according to people familiar with the talks.
Based on that research, Justice Department officials are convinced that mechanisms allowing access to the data can be engineered without intolerably weakening the devices’ security against hacking.
Against that backdrop, law enforcement officials have revived talks inside the executive branch over whether to ask Congress to enact legislation mandating the access mechanisms. The Trump White House circulated a memo last month among security and economic agencies outlining ways to think about solving the problem, officials said.
The FBI has been agitating for versions of such a mandate since 2010, complaining that the spreading use of encryption is eroding investigators’ ability to carry out wiretap orders and search warrants — a problem it calls “going dark.”
The issue repeatedly flared without resolution under the Obama administration, peaking in 2016, when the government tried to force Apple to help it break into the iPhone of one of the attackers in the terrorist assault in San Bernardino, Calif.
The debate receded when the Trump administration took office, but in recent months, top officials like Rod J. Rosenstein, the deputy attorney general, and Christopher A. Wray, the FBI director, have begun talking publicly about the “going dark” problem.
The National Security Council and the Justice Department declined to comment about the internal deliberations. The people familiar with the talks spoke on the condition of anonymity, cautioning that they were at a preliminary stage and that no request for legislation was imminent.
But the renewed push is certain to be met with resistance.
“Building an exceptional access system is a complicated engineering problem with many parts that all have to work perfectly in order for it to be secure, and no one has a solution to it,” said Susan Landau, a Tufts University computer security professor. “Any of the options people are talking about now would heighten the danger that your phone or your laptop could be hacked and data taken off of it.”
But some computer security researchers believe the problem might be solvable with an acceptable level of new risks.
A National Academy of Sciences committee completed an 18-month study of the encryption debate, publishing a report last month. While it largely described challenges to solving the problem, one section cited presentations by several technologists who are developing potential approaches.
The deliberations shed new light on public remarks by Trump administration officials in recent months. In October, Rosenstein, the deputy attorney general, argued in a speech that permitting technology companies to create “warrant-proof encryption” was endangering society.
“Technology companies almost certainly will not develop responsible encryption if left to their own devices,” he said.