FBI Director Christopher Wray last month spoke before the US Senate Homeland Security and Governmental Affairs Committee, and, among the many topics dedicated to “threats to the homeland,” he addressed that of encryption.
His remarks on this are carried by the FBI website under the heading, “Lawful Access.” Wray opens by saying that the agency is a strong advocate of “wide and consistent” encryption use.
The FBI chief goes on with platitudes, and not particularly sincere ones (considering his statements that followed): protecting online data and privacy is a top priority, and encryption a key element.
But…
“Encryption without lawful access, though, does have a negative effect on law enforcement’s ability to protect the public,” Wray says, and thus continues the FBI’s long-since established stance that strong encryption prevents law enforcement from performing their duties.
This is something that critics have been equally consistently rejecting as unfounded, and dangerous, given the risk various forms of encryption weakening represents for the worldwide community and everyone and everything on the internet.
Here’s Wray’s idea on how to undermine encryption, and still continue to claim the agency he heads is somehow its champion: providers should implement it, by all means; but when the FBI comes knocking, they should just hand the previously protected data over.
In his own words: “When the FBI discusses lawful access, we mean putting providers who manage encrypted data in a position to decrypt it and provide it to us in response to a legal process.”
And despite making such a stark and clear statement in favor of dangerously weakening encryption, Wray’s very next comment is, “We do not mean for encryption to be weakened or compromised.”
At this point, Wray’s argument seems completely nonsensical and contradictory, but he does shed some light onto the “monster” the FBI would like to create here.
The agency is not about weakening encryption, that is – not in such a way that “it can be defeated from the outside by law enforcement or anyone else.”
This addresses the crucial criticism against tampering with encryption: that once undermined to serve one agency or government, the very same flaw becomes a way in for just about anybody else in the world with sufficient skills to break it.
And those are very, very many. So forget the backdoor – Wray’s approach here, as some reports have pithily noted, is to have the front door through which the FBI and it alone can walk in at any point they wish.
In other words, Wray wants online platforms to provide users with encryption – and give the FBI decryption keys.