The director of national intelligence reiterated the view that industry/government collaboration is essential to finding a way to balance privacy and law enforcement access.
Director of National Intelligence James Clapper said advances in encryption are having "a profound effect on our ability to collect [intelligence]." (Photo by Michael Bonfigli, Christian Science Monitor)
The revelations about National Security Agency surveillance programs that came from former contractor Edward Snowden accelerated the development of commercial end-to-end encryption by seven years, according to the nation's top spy.
Advances in encryption have had and are having "a profound effect on our ability to collect [intelligence], particularly against terrorists," Director of National Intelligence James Clapper said April 25 during a Christian Science Monitor breakfast.
The seven-year estimate came from NSA, Clapper said. Asked if the acceleration of strong, commercially available encryption is a good thing, he replied, "Not from our standpoint. No, it's not."
Matthew Green, a Johns Hopkins University computer scientist and cryptography expert, told FCW that conditions for the proliferation of commercial encryption -- such as "the rise of smartphones and the ubiquity of texting and online messaging services" -- were already in place before Snowden's revelations.
"So I wouldn't say that Snowden accelerated the development of end-to-end crypto," Green said. "I'd say he -- or rather, the NSA -- made the case for deploying it."
Clapper declined to endorse controversial encryption legislation put forth by Sens. Richard Burr (R-N.C.) and Dianne Feinstein (D-Calif.) that would require technology firms to make their encryption products compliant with court orders. Clapper instead reiterated an oft-stated view from Obama administration officials and lawmakers that the solution to the challenge encryption poses to spies and law enforcement will be found in the private sector.
"I place great faith and confidence in the tremendous technological ingenuity and creativity that we have in this country, and this is one case where there needs to be a partnership between industry -- the commercial sector -- and the government," Clapper said.
Pining for the good old days
In February 2015, President Barack Obama directed Clapper to establish the Cyber Threat Intelligence Integration Center, a clearinghouse for cyber intelligence staffed by personnel from across the intelligence community.
CTIIC got off to somewhat of a rocky start. Some lawmakers were annoyed that they had received little if any notice about the announcement, and Department of Homeland Security officials were reportedly concerned that the new agency might tread on their turf.
"Because of all the controversies surrounding its stand-up, we had a lot of time to think through what its capabilities would be...what it could do and what it couldn't do," Clapper told reporters, adding that the feedback his office has received from other agencies so far has been "pretty positive."
He would not comment when asked if cyber intelligence gleaned from CTIIC had aided in U.S. hacking operations overseas.
Clapper also half-jokingly pined for the days of the Cold War when it was much easier to tap the telecommunication systems of the Soviets without inadvertently sweeping up Americans' communications. The advent of the commercial internet changed everything, he said.
"Those billions of innocent transactions by millions and millions of innocent people are all mixed up with nefarious activities by nefarious people," he added.
A bipartisan group of lawmakers sent a letter to Clapper last week asking him how many Americans had been swept up in a data collection program authorized by Section 702 of the Foreign Intelligence Surveillance Act, Reuters reported.
Clapper said he was weighing how to respond to the letter. "The irony is...to actually render an accurate number, we actually have to be more invasive and identify more U.S. persons," he added.