Apple, FBI Encryption Debate Continues At Congressional Hearing

iPhone Encryption: 5 Ways It's Changed Over Time

The debate over encryption and the push and pull between law enforcement and individual privacy continued this week, with representatives from Apple and the FBI testifying before a Congressional panel.

The April 19 hearing titled, "Deciphering the Debate Over Encryption: Industry and Law Enforcement Perspectives," included two panel discussions, technology experts, and parties from both sides of the debate. House Energy and Commerce Committee Chairman Fred Upton (R-MI), who chaired the panel, said he hoped the panel would move the debate forward.

"Many have called on Congress to 'confront the issues here.' That is why we are holding this hearing," Upton said in his opening statement.

Apple's general counsel Bruce Sewell was in attendance, as were representatives from the FBI, MIT, RSA Security, and the National Sheriffs' Association. However, representatives from Facebook and WhatsApp had declined invitations.

"It is easy to call on Congress to take on an issue -- but you better be prepared to answer the call when we do," added Upton.

Oversight and Investigations Subcommittee Chairman Tim Murphy (R-PA) summed up the agenda with what he called a "deceptively complex question: Should the government have the ability to lawfully access encrypted technology and communications?"

Murphy and Upton emphasized a need for discussions to move away from us-versus-them thinking. "This debate is not about picking sides -- it is about evaluating options," said Upton.

Murphy noted that the debate is actually decades old, and that in response to new encryption technologies of the 1990s, the NSA had developed a "Clipper chip," a so-called backdoor that likewise "sparked intense debate between the government and the technology community about the benefits -- and risks -- of government access to encrypted technology."

The concerns of those in 2016 who say a backdoor could be exploited were validated by the chip, which became, said Murphy, "more akin to a front door."

Are you prepared for a new world of enterprise mobility? Attend the Wireless & Mobility Track at Interop Las Vegas, May 2-6. Register now!

Technology expert Matt Blaze, now a professor at the University of Pennsylvania, was the person who identified the vulnerability that created the "front door," and he was among Tuesday's witnesses. Blaze testified:

The technical vulnerabilities that would inevitably accompany design requirements for law enforcement access being proposed will harm our security far more than they will help law enforcement. They will provide rich, attractive targets not only for relatively petty criminals such as identity thieves, but also for organized crime, terrorists and hostile intelligence services. It is not an exaggeration to understand these risks as a significant threat to our economy and to national security.

Indeed, while all parties expressed a desire to find a shared solution, New York City Police Department Chief of Intelligence Thomas Galati testified, "It is critical that we work together to fight crime and disorder, because criminals are not bound by jurisdictional boundaries nor industry standards." How that shared solution might be reached was no clearer by the end of the day.

Amy Hess, who oversees the development of surveillance technologies for the FBI, testified that agents are encountering more and more password-protected phones in the last six months and that in over 10% of those cases, the bureau cannot crack the code.

However, Apple's top lawyers sees it much differently.

"As you heard from our colleagues in law enforcement, they have the perception that encryption walls off information to them," testified Apple's Sewell. "But technologists and national security experts don't see the world that way. We see a data-rich world that seems to be full of information. Information that law enforcement can use to solve -- and prevent -- crimes."