The United States government risks undermining the digital economy if it doesn’t embrace strong encryption, according to a bipartisan congressional report released last week.
The Encryption Working Group’s Year-End Report comes after a year long investigation by the House of Representatives’ Judiciary Committee and Energy and Commerce Committee.
The report comes to the conclusion that any measures taken by the U.S. government to weaken encryption would “work against the national interest”. However, it also notes that Congress needs to consider introducing legislation that would allow law enforcement agencies to access digital information when necessary, in order to facilitate investigations. The best way to do this is to cooperate with technology firms to come up with a solution that works best for everyone.
“Although federal law enforcement agencies told the [group] that they encourage the use of encryption for the protection of sensitive information including data retained by the federal government, they cite the increased use of encryption by suspected criminals and victims of crime as a severe challenge to their public safety mission,” the committee members stated in the report.
Congress created the group in the aftermath of legal wrangles between Apple Inc. and the FBI over the latter agency’s demand that it helped decrypt an iPhone that belonged to Syed Rizwan Farook, an Islamic terrorist who carried out the 2015 mass shootings in San Bernardino, Calif.
As part of its investigations, the Encryption Working Group spoke with numerous intelligence agency and law enforcement officials, civil rights groups and technology companies to discuss encryption and how it impacts legitimate government activities.
The report came to four conclusions – strong encryption is in the national interest; U.S. companies would lose market share to foreign firms if encryption in IT products is weakened; there is no simple solution to this problem; and Congress should help tech firms and law enforcement agencies find ways to cooperate.
Interestingly, while ten members of the committee – Bob Goodlatte (R-VA), Fred Upton (R-MI), Frank Pallone, Jr. (D-NJ), John Conyers, Jr. (D-MI), Bill Johnson (R-OH), Yvette D. Clarke (D- NY), Darrell Issa (R-CA), Zoe Lofgren (D-CA), James Sensenbrenner (R-WI) and Suzan DelBene (D-WA) – signed off on the report, there were two that reportedly refused to do so – Joe Kennedy (D-MA) and Adam Kinzinger (R-IL).
Tech firms have warmly embraced the report’s findings, which confirms their longstanding argument that creating a “backdoor” for government agencies would only lead to vulnerabilities and put users at risk.
“Legislative mandates that undermine the technology would only serve to make everyone less secure,” said Aaron Cooper, vice president of strategic policy initiatives with the Business Software Alliance, in a blog post. “At the same time, the report recognizes—and BSA strongly supports—the important work of law enforcement in protecting our safety and pursuing criminals.”
The report urges Congress to work with companies to develop legal means through which law enforcement agencies would be able to access company information and metadata, and create a legal framework that would support exploitation for legitimate purposes such as gathering evidence and intelligence.