US Attorney General Barr doubles down on encryption backdoors call
AppleInsider may earn an affiliate commission on purchases made through links on our site.
The US Attorney General William Barr has waded into the ongoing encryption debate, claiming the encryption of data is putting the security of America at risk by stopping law enforcement officials from being able to track criminals, and calling for the creation of security-defeating backdoors that somehow do not weaken encryption.
Speaking at a Fordham University conference on cybersecurity on Tuesday, Barr suggested the use of encryption "is already imposing huge costs on society," and seriously "degrades the ability for law enforcement to detect and prevent crime before it occurs." In investigating crimes, it is also "thwarting law enforcements' ability to identify those responsible, or to successfully prosecute the guilty parties."
Barr insists the issue will exponentially increase as the use of "warrant-proof encryption" accelerates, as this will "embolden" criminals who believe they cannot be caught, video from the Associated Press reports.
The speed them moved on to urging tech firms to cease "dogmatic pronouncements" claiming encryption backdoors cannot be done. "It can be and it must be," Barr believes. "We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement, without materially weakening the security provided by encryption.
Barr then suggests tech companies should turn their efforts in declaring backdoors "aren't worth exploring" to instead use their talents to "developing products that will reconcile good cybersecurity to the imperative of public safety and national security."
Barr's comments are a continuation of a long-running feud between governments and law enforcement who want access to encrypted data, and tech companies and privacy advocates wanting to maintain the security of encryption.
Governments and agencies, such as the FBI and the police, are in favor of weakening security by introducing backdoors, which would provide a similar function to wiretaps of providing law enforcement officials with a means to see the communications between two parties of interest.
Law enforcement officials have repeatedly suggested there are ways to allow law enforcement to gain access to data backdoors without exposing customer data to risk, in an effort to fix the so-called "going dark" problem.
There has even been the suggestion from the UK's GCHQ to create backdoors similar to the Group FaceTime bug from earlier in 2019, that could allow agencies to become a silent extra participant in a call, allowing it to be encrypted between all parties, but still enabling the ability to listen in or surveil the communications. In theory this would enable monitoring of systems with end-to-end encryption, such as FaceTime calls and iMessage communications, but it would require the producers of those systems to build access into them from the start.
In June, it was revealed the Trump administration was considering the possibility of outlawing end-to-end encryption in its entirety. While there were some within a National Security Council meeting that supported a similar measure to make encrypted data accessible, there was some pushback by the Commerce and State Departments over the potential economic and diplomatic consequences of backdoors.
Tech companies and privacy advocates insist that adding a backdoor to encryption fundamentally weakens it.
If encryption is a solid wall, the proposed backdoor is a lockable passageway that anyone with the key can get through. In this analogy, governments would gain access to the keys, but it is arguable that others could make copies of the keys, such as foreign agencies or criminals, or could even be accessed without the keys at all by a determined intruder.
There is also the argument by tech companies that adding a backdoor can hurt consumer confidence in a product or service. As for criminals, while a law could force legitimate services to break encryption for law enforcement, this wouldn't stop bad actors from setting up their own encrypted communications system.