Crypto battle presents 'hard choices,' says federal CIO

The clash between the FBI and Apple over opening up a terrorist killer's locked iPhone presents a hard choice between compelling arguments, according to Federal CIO Tony Scott.

"It's a really hard, hard topic," he said. "I could make an argument on both sides. Strong encryption is important and a backdoor might be a problem," he said. However, he also said society has an interest in pursuing and prosecuting criminals.

"The answer comes down to a bigger, broader debate on values" of both, he said. He said the country has decided on similar thorny issues in the past and this one is another "hold-your-nose," choice.

Ultimately, he said, "In my mind, strong encryption is something everyone will be able to get behind with a narrow set of exceptions" for law enforcement.

That concession to law enforcement represents something of a tweak to Scott's position. When the "going dark" debate was launched in public view by FBI Director James Comey, Scott was part of a taskforce convened by the Office of Science and Technology Policy that had broad discussions on encryption, and balancing the demands of law enforcement, user privacy and the commercial imperative to offer encrypted products to consumers.

"I hear all the concerns from the law enforcement agencies," Scott told FCW in an interview conducted in October 2015, about seven weeks before the San Bernardino attacks. "They have a very difficult job to do. But at the end of the day I think the better policy is probably not to require these backdoors," he said. Scott noted then that if U.S. providers were constrained by U.S. law from offering end-to-end encryption, then true malefactors would look elsewhere for encrypted communications devices and services.

"Then what are you left with? You're left with the people who are already trying to obey the law, and those people will use something that does have a backdoor, but it's not of the value that should be there for the intended purposes," Scott told FCW.

President Obama sought middle ground on this debate in a March 11 appearance at the SXSW technology conference, advising privacy advocates and law enforcement agencies to avoid "absolutist" positions.

Scott has long first-hand experience in the commercial IT industry, which has generally backed Apple in the fight. He came to the federal CIO job just over a year ago after a career among the industry's heavy hitters. He was CIO at VMWare for two years and Microsoft CIO for five years before that. He has also been CIO at the Walt Disney Company and CTO at General Motors.

Scott made his remarks in response to an audience question at a cybersecurity event hosted by AFFIRM and U.S. Cyber Challenge on March 15.