Share.

U.S. Deputy Attorney General Rod Rosenstein recently reignited the debate around digital encryption and its ability to thwart investigations into increasingly many crimes.

In remarks delivered at the United States Naval Academy in Annapolis, Maryland, Rosenstein took Silicon Valley to task, characterizing tech companies as standing in the way of public safety.

“Company leaders may be willing to meet, but often they respond by criticizing the government and promising stronger encryption,” Rosenstein said. “Of course they do. They are in the business of selling products and making money. ... We are in the business of preventing crime and saving lives.”

The longstanding tension between law enforcement and technology giants nearly came to a head last year when the Justice Department sought to force Apple Inc to unlock an iPhone that belonged to the perpetrators of a mass shooting in San Bernardino, California. That legal battle was called off when the FBI said that a third party had successfully broken into the phone.

The larger issue remains unresolved, however, with both the strength of consumer-level encryption and the prevalence of its use increasing steadily. Currently, no specific legal challenges or legislative proposals regarding encrypted communications are on the table. But every high-profile crime or mass shooting brings with it the possibility of a perpetrator leaving behind an uncrackable device which authorities desperately want to access.

Rosenstein’s remarks lacked any specific technical proposals, instead proposing that tech companies design and implement their own solutions to allowing authorities to access encrypted communications with judicial approval, which he called “responsible encryption.”

“Such a proposal would not require every company to implement the same type of solution,” Rosenstein said. “The government need not require the use of a particular chip or algorithm, or require any particular key management technique or escrow.”

One commonly theorized program would require every creator of encryption software to provide the U.S. government with a master decryption key. Deep skepticism of such a system among security experts seems universal.

Greg Scott, cyber security professional and novelist, told Bigger Law Firm that central management of encryption keys was inherently insecure.

“Imagine a repository containing the billions, maybe trillions of encryption keys we use every day in 21st century society,” Scott said. “Now imagine keeping all those keys safe from cyber-attack, keeping in mind the U.S. government’s track record. Do we really want to trust the government with the encryption keys that keep modern society functioning?”

Scott also criticized Rosenstein’s notion that tech companies might create novel and secure ways of assisting criminal investigations if only they would try. “Encryption depends on keys and algorithms. There are two ways to grant government access to encrypted communication. Either give government access to the keys or weaken the algorithms. Both have so many opportunities for abuse, and so many easy workarounds, that the cure is worse than the disease.”

Jennifer DeTrani, general counsel at Wickr, a secure messaging startup, agrees. She told Bigger Law Firm that decryption master keys would inevitably end up in the hands of “malicious hackers including state and non-state actors,” and also emphasized the economic benefits of protected communication.

Rosenstein “hit the nail on the head when he said that encryption is ‘essential to the growth and flourishing of the digital economy,’” said DeTrani. “Individuals and companies are entitled to end-to-end encryption to protect business and personal communications and transactions.”

Rosenstein’s comments may signal an intent to push Congress to mandate mechanisms to bypass encryption, but the certainty of legal challenges to such a law ensure this debate will not end soon.

About Author

Ryan Conley is a staff contributor to Bigger Law Firm Magazine and a legal content strategist for U.S. based law firms.

  • chris9465

    There is no encryption debate.

    Like a petulant child, the US government along with others are screaming for weakening encryption and the tech companies like parents are saying no!

    When a High School student has the knowledge and ability to write their own encryption algorithms and implement them on their own, there is no debate.

    Encryption is math, math is encryption, contrary to what bureaucrats and politicians want to believe, the laws of mathematics can not be changed to suit the laws of society.

    There’s dozens of encryption apps available right now located in countries outside the jurisdiction of the US government.

    There is no debate

  • Pingback: Rod Rosenstein's responsible encryption fantasy - dgregscott.com()

Download the Latest Bigger Law Firm Magazine, FREE!

Download the Latest Bigger Law Firm Magazine, FREE!

Want to download the full issue of Bigger Law Firm Magazine? Signup for This Week on BLF and you will receive a download link for our latest issue. 

Thank you for signing up for This Week on BLF! Download the latest issue at http://blfmag.com/BLFMag48

More in Government
Hazing Incident of a Fraternity Pledge at Another University Campus

In Baton Rouge, Louisiana, police are conducting an investigation into the death of Maxwell Gruver, a freshman at Louisiana State University (LSU), who lost his...

Close