Encryption

New policy on encryption appears unlikely

Marcel Lettre, Under Secretary of Defense for Intelligence

Undersecretary of Defense for Intelligence Marcel Lettre told the Senate Armed Services Committee that the Obama administration is not seeking a legislative or regulatory answer to the encryption conundrum.

As the Obama administration winds down, any policy action on law enforcement and intelligence community access to commercial encryption seems unlikely, according to top intelligence officials.

At a Sept. 13 hearing of the Senate Armed Services Committee, Undersecretary of Defense for Intelligence Marcel Lettre said that for now, executive agencies and law enforcement are not seeking a legislative or regulatory answer.

"Our view at this point in the dialogue and debate is that legislation that forces or requires a regulatory solution is not preferred," Lettre said. "What we have found is that on a case-by-case basis when leaders from the executive branch have been able to have an effective and quiet dialogue with leaders in industry, the nature of the conversation starts to shift in a couple of ways."

He cited the long history of cooperation between the military and industry as a path to forging more collaboration.

In 2014, FBI Director James Comey warned that commercial end-to-end encryption would make law enforcement and intelligence agencies powerless in the face of threats by keeping them from accessing certain kinds of evidence in investigations, even with a court order. Comey dubbed the phenomenon "going dark." His initial approach was to start a national conversation on encryption, with an eye to strengthening the ties between technology firms and the government.

Lettre acknowledged that the approach did not always work, as has been the case with Twitter and Apple. Neither the senators nor the witnesses referred to efforts to force companies to open their products and data using court orders, as was the case in the FBI investigation of a device linked to the San Bernardino, Calif., shooting in December 2015.

Testifying before the same panel, National Security Agency Director and Cyber Command chief Adm. Michael Rogers said that even if there were some solution that applied to U.S. companies, terrorists and other non-state actors would be able to find encrypted communication services from non-U.S. firms.

"Clearly any structure, any approach we come up with here has to recognize that there is an international dimension to this," Rogers said. "Encryption does not recognize arbitrary boundaries on the globe that we have drawn in the form of borders of nation-states. I don't know what the answer is, but I certainly acknowledge we have to think more broadly than one particular market."

Committee Chairman Sen. John McCain (R-Ariz.) said the Islamic State group was taking advantage of an "end-to-end encrypted safe haven" from which to plan and launch attacks against targets in Europe and the United States, and the White House was "ignoring" the issue.

Rogers said Islamic State was proving to be "the most adaptive target I've ever worked in 35 years as an intelligence professional."

Separately, he said other areas of outreach to the private sector are going well. He noted that Cyber Command has a team inside the Pentagon's Defense Innovation Unit Experimental, which was trying "to harvest partnerships with the private sector."

But he also said that every now and then, a situation occurs that leads to ideological posturing that he felt would be better solved with private, behind-the-scenes discussions.

About the Author

Adam Mazmanian is executive editor of FCW.

Before joining the editing team, Mazmanian was an FCW staff writer covering Congress, government-wide technology policy and the Department of Veterans Affairs. Prior to joining FCW, Mazmanian was technology correspondent for National Journal and served in a variety of editorial roles at B2B news service SmartBrief. Mazmanian has contributed reviews and articles to the Washington Post, the Washington City Paper, Newsday, New York Press, Architect Magazine and other publications.

Click here for previous articles by Mazmanian. Connect with him on Twitter at @thisismaz.


Featured

  • Telecommunications
    Stock photo ID: 658810513 By asharkyu

    GSA extends EIS deadline to 2023

    Agencies are getting up to three more years on existing telecom contracts before having to shift to the $50 billion Enterprise Infrastructure Solutions vehicle.

  • Workforce
    Shutterstock image ID: 569172169 By Zenzen

    OMB looks to retrain feds to fill cyber needs

    The federal government is taking steps to fill high-demand, skills-gap positions in tech by retraining employees already working within agencies without a cyber or IT background.

  • Acquisition
    GSA Headquarters (Photo by Rena Schild/Shutterstock)

    GSA to consolidate multiple award schedules

    The General Services Administration plans to consolidate dozens of its buying schedules across product areas including IT and services to reduce duplication.

Stay Connected

FCW Update

Sign up for our newsletter.

I agree to this site's Privacy Policy.