Following the recent terrorist attacks in Paris, intelligence officials and members of Congress have renewed calls to weaken encryption on secure communications by placing what are known as “backdoors” in encryption software. These backdoors allow government agencies to utilize an exclusive “key” in order to gain access to the content of protected communications, which law enforcement agencies have been quick to blame for their collective failure to prevent these horrific acts from being carried out.
Leading this charge is CIA director John Brennan (who did not seem thrilled when his own personal email was recently hacked by a teenager). Brennan complained on Tuesday that,
“a lot of handwringing over the government’s role in the effort to try to uncover these terrorists” has led to recent “policy and legal” actions that “make our ability collectively, internationally, to find these terrorists much more challenging.”
Brennan did not specify which policy changes he is referring to, or how they relate to the Paris attacks. However, it has been revealed that most of the suspects involved had previously been under surveillance by French and Belgian intelligence agencies, and Turkey even warned French authorities of a possible attack one month prior. As one counterterrorism analyst and former French defense official put it,
“our intelligence is actually pretty good, but our ability to act on it is limited by the sheer numbers.”
In other words, intelligence agencies have such a wealth of information that it actually hinders their ability to distinguish, and act upon, imminent threats.
Meanwhile, authorities have found that the attackers were using unencrypted text over mobile devices recovered during the investigation. No evidence has been put forth to suggest that the terrorists were using encrypted communications, or that a backdoor for law enforcement agencies could have prevented the recent attacks or similar ones in the future.
Brennan was likely referring to the USA Freedom Act, which was signed into law this summer. However, the law does little or nothing to curtail the mass surveillance carried out under the National Security Agency bulk data collection programs. It essentially shifts the burden of data collection from the federal government to telecom corporations for domestic communications only, but this minor policy change has not yet been implemented.
Given a recent district court decision that ruled these programs to be “likely unconstitutional,” it is questionable whether they would be able to survive in their present form anyway. Moreover, the intelligence community has failed to demonstrate the efficacy of indiscriminate data collection, and officials have repeatedly made claims on the matter that later turned out to be false.
Tech companies, security experts, and consumer privacy advocates argue that backdoors, by nature, leave consumer devices and data vulnerable to malicious hackers, foreign intelligence services, and repressive regimes. The Information Technology Industry Council released a statement last week