Tech firms, privacy advocates push White House on encryption

A group of tech firms, including Google, Apple, and Microsoft, and a collection of tech trade associations, civil society groups, and computer security researchers are urging the Obama administration to drop plans to seek legislation to give federal law enforcement agencies access to encrypted communications.

Leading domestic security officials, led by FBI Director Jim Comey, have been warning that default encryption built into consumer devices like Apple's iPhone and the Android mobile operating system from Google is creating a protected space in which drug dealers, kidnappers, terrorists, and other criminals can operate outside the reach of the law. Comey calls this phenomenon "going dark."

Industry’s May 19 letter to President Obama calling for a halt hit a day before Comey is expected to restate his case for encryption in a speech at the annual Cybersecurity Law Institute at the Georgetown University Law Center.

Supporters of commercially available encrypted devices and services like cloud storage argue that there is no known way to give a third party access to encryption keys without creating additional cybersecurity risk. A backdoor that is open to law enforcement could potentially be opened by hackers, including those representing hostile foreign states. Additionally, they are concerned that foreign governments, including those without speech protections and other legally guaranteed human rights, might seek the same access as U.S. law enforcement.

"We urge you to reject any proposal that U.S. companies deliberately weaken the security of their products. We request that the White House instead focus on developing policies that will promote rather than undermine the wide adoption of strong encryption technology. Such policies will in turn help to promote and protect cybersecurity, economic growth, and human rights, both here and abroad," the letter says.

The letter was organized by the New America Foundation's Open Technology Institute. "We decided it was time for the Internet community -- industry, advocates, and experts -- to draw a line in the sand. We're calling on Obama to put an end to these dangerous suggestions that we should deliberately weaken the cybersecurity of American products and services," said OTI Policy Director Kevin Bankston.

Among the signers are former counterterrorism official Richard Clarke and law professors Peter Swire and Geoffrey R. Stone -- three of the five members of Obama's Review Group on Intelligence and Communications Technologies, which issued recommendations for surveillance reform in the wake of the Edward Snowden NSA leaks. That report recommended that government make it "clear that it will not in any way subvert, undermine, weaken, or make vulnerable generally available commercial encryption."

This position found a sympathetic ear from lawmakers on both sides of the aisle at an April hearing of the House Oversight and Government Reform Committee.

At that hearing, Rep. Ted Lieu (D-Calif.), who has a degree in computer science, derided the idea of maintaining security while giving law enforcement access to encryption keys as "technologically stupid." Currently, there's no legislation before Congress to require companies to provide access to encrypted communications.