On the same day that a second major messaging app announced end-to-end encryption, Apple and the FBI took to a House subcommittee to attempt to make progress on the encryption and backdoor debate. Government officials pleaded for more access to content and repeated, again and again, their fears about encryption.
Apple’s senior vice president and general counsel, Bruce Sewell — by now well-accustomed to so testifying — gave testimony, as did the FBI’s Amy Hess, executive assistant director for the science and technology branch.
Here’s an excerpt from Sewell’s introductory remarks:
To suggest that the American people must choose between privacy and security is to present a false choice. The issue is not about privacy at the expense of security. It is about maximizing safety and security. We feel strongly that Americans will be better off if we can offer the very best protections for their digital lives.
And an excerpt from Hess’s introductory statements:
We are not asking to expand the government’s surveillance authority, but rather we are asking to ensure that we can continue to obtain electronic information and evidence pursuant to the legal authority that Congress provided to us to keep America safe.
Several others testified, including intelligence officers from New York and Indiana police departments on the FBI’s behalf, and security researchers and professors on Apple’s behalf. Representatives from many states attempted to use the right words to describe technological processes about which they know almost nothing; analogies — needles in haystacks, security deposit boxes, invisibility cloaks to light spectrums — flowed as data to government agencies.
Law enforcement agency officials largely attempted to take the moral high ground, referencing how they felt end-to-end encryption would limit their investigations into child predators and suspected terrorists. These officials demanded more data. Metadata — the information about communications: who you called, when and from where you called them, how long you talked, etc. — which the government already gets in abundance, is not enough, they said: The government needs to have access to the content of these communications. End-to-end encryption prevents the government from knowing that intimate private information, and, the testimonies made clear, the government is very bitter about that fact.
But these officials agreed that third parties (“grey hat” agencies), such as the mysterious one hired to decrypt the San Bernardino iPhone, are not the solution. Third parties are time- and resource-intensive. But nor are government agencies the solution: These agencies don’t have the requisite expertise, because the best minds tend to wind up in private industries (where the most money can be made).
The solution, they said, is corporate submission to the government’s demands. The government wants a permanent backdoor into all technologies. And it’s not too worried about resultant vulnerabilities: It’ll leave those worries up to the tech companies once they’ve all agreed to cooperate. In other words, the government wants tech companies to be “good corporate citizens” and give them a master key, but it also wants tech companies to figure out on their own how that access might endanger U.S. citizens. The government, then, is simply left to sift through the data — and would very much prefer if these tech companies could just be responsible for ensuring that the backdoors don’t become revolving doors for terrorists and other bad guys.
All of this is contradictory to what former CIA and NSA director Michael Hayden says, which is that end-to-end encryption is the safest answer for our nation.
These demands epitomize the government’s ignorance on these counts. They’re not only asking tech companies to divide by zero, they’re attempting to require tech companies to divide by zero. Put differently: There’s currently no way a backdoor can exist without opening up further vulnerabilities. Sewell testified that Apple has worked to find such a solution:
We haven’t figured out a way that we can create an access point and then create a set of locks that are reliable to protect access through that access point. That’s what we struggle with. We can create an access point, and we can create locks. But the problem is that the keys to that lock will ultimately be available somewhere — and if they’re available anywhere, they can be accessed by both good guys and bad guys.
Later, he issued Apple’s official, unwavering stance: “We believe that strong, ubiquitous encryption is the best way that we can maintain the safety, security, and privacy of all of our users.”
Watch the full session here: