Until the Internet era, the use of encryption was confined to sensitive government and commercial communications. With the growth of the Internet, encryption came into much wider use to protect credit card and other online transactional information. Only in the past decade, however, has encryption been widely used for ordinary communications and stored data. As laptops and smartphones developed the potential to contain large amounts of sensitive information and grew in popularity, and as states adopted data breach notification laws1 that provided a safe harbor in cases where lost personal data had been encrypted, full-disk encryption was introduced. The use of such technologies increased after criminals began using the information stolen from individuals’ devices as a way to commit fraud.
The wider deployment of encryption mechanisms used with encryption keys that are held only by users has altered the calculation for governments that seek access to encrypted communications. Previously, law enforcement and intelligence agencies were able to rely on court orders and subpoenas to providers (third parties) to seek access to communications directly from providers. However, where providers do not hold encryption keys, this access path is no longer available to the government. This trend toward deployment of encryption under end-user control was
1 National Conference of State Legislatures, 2017, “Security Breach Notification Laws,” April 12, http://www.ncsl.org/research/telecommunications-and-information-technology/security-breach-notification-laws.aspx.
further fueled by the growing concern about government surveillance following disclosures by Edward Snowden about U.S. surveillance programs. Vendors reacted quickly to expand encryption of data and communications by default to help distance themselves from those government programs.
Today, encryption protects information stored on or in transit between smartphones, laptops, and other devices and information stored on enterprise servers and in the cloud. Encryption is relied on to protect the data and computer systems of individuals and organizations from criminals and repressive governments. The public’s use of encryption can prevent crimes such as the theft of information, thus helping make society more secure and safe. Encryption is also used by individuals, nonstate actors, and governments—including that of the United States—to prevent collection of information by government intelligence agencies. Finally, encryption enables various types of economic activity that would otherwise not be possible. Looking ahead, encryption will be important for applications that involve analyzing large volumes of shared, sensitive data.
Encrypted communications are built in to major computing platforms at both the hardware and software levels and into an array of widely used messaging applications. Absent government controls, increased integration and enhanced usability of encryption seems like a foregone conclusion. In some cases, encryption is included and enabled by default. When encryption capabilities are introduced into a major platform or widely used application, they can very rapidly end up being used by many hundreds of millions of users.
Encryption is also relied on by criminals to avoid investigation and prosecution, including criminals who may benefit from default settings as well as those who deliberately use encryption. One consequence of this widespread use is that encryption is increasingly identified as an impediment to investigations by law enforcement and to foreign intelligence information collection by U.S. intelligence agencies (see the section “Encryption as an Impediment to Investigations” in Chapter 4).
Encryption is not the only technical barrier that government investigators face when seeking access to plaintext. Even when investigators do not encounter encryption, they may confront other technical barriers. Plaintext and metadata cannot be accessed without an understanding of the multiple protocols, formats, and compression algorithms used by the software applications that transmit and store the information, elements that are not always well documented and that are subject to frequent change. This may also hamper investigations, especially if the investigating agency does not have robust technical capabilities or the cooperation of the vendor or service provider.
The U.S. government has long placed export restrictions2 on products incorporating encryption. In the early 1990s, U.S. government agencies strongly pressed for the deposit of encryption keys with government agencies or specified third parties, a proposal that was ultimately abandoned after an extended debate over a number of issues, including the importance of spreading encryption, the technical challenges in providing for key recovery, and whether the proposal would ultimately be accepted by Congress and the public. With the increased need for encryption to secure electronic commercial data and concerns about the impact on the global competitiveness of U.S. industry, export restrictions on cryptography were relaxed in the late 1990s, ultimately paving the way for broader use of encryption in products sold domestically as well as internationally.3
More recently, prominent members of the law enforcement community have said that encryption is restricting access to stored data or message plaintext, even when they have a court order authorizing access. Notably, law enforcement reports a growing number of smartphones encountered during investigations that they cannot unlock (see the section “Encryption as an Impediment to Investigations” in Chapter 4). They argue that even as the volume of digital information expands, important parts of the digital world are “going dark” as more stored data and communications are encrypted by default and as information relevant to investigations is increasingly in digital form. In a 2014 speech, Federal Bureau of Investigation (FBI) Director James Comey described the broad challenge of new technology including encryption by default facing law enforcement:
Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism even with lawful authority. We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.4
2 Nonmilitary cryptography exports from the United States are controlled by the Department of Commerce. The current regulations are complex but, generally speaking, require registration, notification, or review for products using encryption exceeding specified key lengths and require a license for export to certain countries.
3 The export regulations, which were intended to keep sensitive technologies out of the hands of foreign adversaries, also had the side-effect of making things more complicated for U.S. vendors who preferred to sell a single version worldwide or to have as few different versions as possible, and make it more complicated for U.S. end users to acquire domestic software versions that supported a longer key length.
4 J.B. Comey, 2014, “Going Dark: Are Technology, Privacy, and Public Safety on a Collision Course?: Remarks at the Brookings Institution, Washington, D.C.,” Federal Bureau of Investigation, October 14, https://www.fbi.gov/news/speeches/going-dark-are-technology-privacy-and-public-safety-on-a-collision-course.
Since then, law enforcement officials at the federal, state, and local levels have expressed the need for a reliable and scalable way to access plaintext. Some members of the U.S. intelligence community have concurred that parts of the digital world are getting “dimmer” although not necessarily “dark.”
By contrast, some, including a number of former senior members of the intelligence agencies—and a few former members of law enforcement,5 counter that the growing use of information technology and sophisticated collection and analysis capabilities has created a plethora of capabilities for conducting investigations. The gains include “location information, information about contacts and confederates, and an array of new databases that create digital dossiers about individuals’ lives.”6 Moreover, a variety of technical and business pressures may make considerably more data available to law enforcement in unencrypted form than was available a decade ago. Former National Security Agency (NSA) Director Mike McConnell observed that despite the abandonment of the 1990s effort to require exceptional access, the agency’s ability to collect signals intelligence is better than at any point in history.7
Both perspectives share a common element: as the amount of data increases rapidly, there is both more data than ever of relevance to investigations and more data than ever that is inaccessible to investigators.
Individuals and organizations have also objected to the introduction of government access mechanisms on a number of legal and practical grounds. Their primary arguments are that any regime by which providers of products and services featuring encryption are required to provide a way for ensuring government access to plaintext likely would (1) be ineffective, (2) pose unacceptable risks to cybersecurity, (3) pose unacceptable risks to privacy and civil liberties, (4) disadvantage U.S. providers of products and services, and (5) hamper innovation in encryption technologies. Some also observe that it has never been the case that obtaining a warrant would guarantee access to the evidence sought; evidence could be hidden or destroyed before a warrant is even issued or the desired information might not have been captured in the first place.
The computer science community has also reacted to renewed proposals to regulate the use of encryption. A group of experts in computer science, cryptography, and cybersecurity, many of whom had authored a
5 M. McConnell, M. Chertoff, and W. Lynn, 2015, “Why the fear over ubiquitous data encryption is overblown,” Washington Post, July 28.
6 P. Swire, 2015, “The golden age of surveillance,” Slate, July, http://www.slate.com/articles/technology/future_tense/2015/07/encryption_back_doors_aren_t_necessary_we_re_already_in_a_golden_age_of.html.
7 E. Nakashima, 2015, “Former national security officials urge government to embrace rise of encryption,” Washington Post, December 15.
1997 study on this topic, issued a report in 2015 that concluded the following: “the damage that could be caused by law enforcement exceptional access requirements would be even greater today than it would have been 20 years ago,” “new law enforcement requirements are likely to introduce unanticipated, hard to detect security flaws,” and “any proposals that alter the security dynamics online should be approached with caution.”8 At the same time, some members in the technical community have begun exploring possible technical approaches to meeting government exceptional access requirements for communications and data stored on devices and seeking ways to reduce the security risks of schemes that provide exceptional access. Box 5.1 provides some examples. Box 1.1 provides examples of the diverse interests and perspectives in the encryption debate.
This report reviews how encryption is used and its applications in cybersecurity (Chapter 2), its role in protecting privacy and civil liberties (Chapter 3), the needs of law enforcement and the intelligence community for information (Chapter 4), options for accessing plaintext (Chapter 5), and the international landscape (Chapter 6). Chapter 7 provides a framework for evaluating policy or technical approaches for access to plaintext. The following sections of Chapter 1, by way of introduction to the report, briefly (1) summarize options for providing access to plaintext and possible alternative sources of information, (2) discuss the different contexts in which access could be required, and (3) provide examples of technical approaches of the sort to which the framework could be applied. Finally, the chapter previews the high-level questions in the evaluation framework that is discussed in more detail in Chapter 7.
There are a wide variety of legal and technical options available to governments that seek access to plaintext for law enforcement and intelligence investigations. These can be classified9 broadly as follows:
- Take no legislative action to regulate the use of encryption. Law enforcement and intelligence agencies would have to cope with a world in which
8 H. Abelson, R. Anderson, S.M. Bellovin, J. Benaloh, M. Blaze, W. Diffie, J. Gilmore, et al., 2015, “Keys under doormats: Mandating insecurity by requiring government access to all data and communications,” Journal of Cybersecurity 1(1):69-79.
9 There are a variety of useful taxonomies. For example, a scheme developed by Kerr and Schneier describes “six kinds of workarounds: find the key, guess the key, compel the key, exploit a flaw in the encryption software, access plaintext while the device is in use, and locate another plaintext copy.” See O.S. Kerr and B. Schneier, 2017, “Encryption Workarounds,” GWU Law School Public Law Research Paper No. 2017-22, GWU Legal Studies Research Paper No. 2017-22, available at SSRN, https://ssrn.com/abstract=2938033.
- Train law enforcement to employ tactics likely to mitigate the impact of encryption, such as seizing a phone while it is unlocked or surveilling a target to observe a passcode. These techniques can be used in some cases to obtain access.
- Pursue law enforcement and legal options to obtain or compel the cooperation of the investigation targets. Some options, such as compelling a target to provide a biometric to unlock a phone are currently the subject of ongoing litigation in the United States.
- Provide additional resources to access plaintext. The technological capabilities of U.S. law enforcement have not kept up with the rapid changes in technology. The U.S. government could provide additional resources for law enforcement and/or intelligence agencies to improve their capabilities for accessing and using digital information. These
communications are encrypted, and devices and the data stored on them, are inaccessible. At the same time, some content would remain available where applications and business models require access to plaintext. The universe of information for potential use in investigations will likely also continue to expand, and new forms of content and metadata may become available. In addition, there are specific actions that could be taken within the current legal framework governing the use of encryption, including the following:
resources could be used to develop tools and train personnel to enable better use of the unencrypted digital information that is available to law enforcement and for “lawful hacking” to obtain plaintext in some circumstances by obtaining legal authorization and breaching controls on access at the points information is transmitted, received, stored, or processed. In addition, governments could invest in research and development on new ways of providing access to plaintext that may raise fewer objections—even if they provide more limited access to plaintext. This option could, of course, be pursued regardless of whether other legislative action is taken.
- Enact legislation that requires that device vendors or service providers provide government access to plaintext without specifying the technical means of doing so. The government could enact legislation defining an objective for accessing plaintext; the mandate could be described in a variety of ways depending on different types of problems. For example, a mandate might require that vendors be able to comply with warrants seeking access to the plaintext of the information their products and services are used to encrypt but leave it to industry to design the technical solution.
- Enact legislation requiring a particular technical approach. The government could enact legislation requiring a particular technical approach or regulation to select a technical approach. For example, a law or regulation could require the vendor to implement hardware-based device-level key escrow for access to stored data or require vendor or third-party key escrow for access to communications.
There are also potential options that do not involve regulation of encryption, per se, that the committee does not explore in this report because they did not seem likely to be effective or politically viable. For example, it has been proposed, by analogy to firearm sentence enhancements, that criminal penalties could be increased when encryption is used in the course of a crime. Enhanced penalties can be important if you are trying to deter the use of a particular tactic (e.g., since the use of a firearm increases the risk to public safety, stiffer penalties apply). Unlike guns, however, which the criminal must affirmatively decide to use when committing an offense, encryption is widely embedded in commercial products and services, is often enabled by default, and may not even be in the direct control of the end user. Put another way, a criminal would have to affirmatively decide to avoid encryption to reduce the risk of an enhanced penalty, a most unlikely outcome. One could also consider making it a crime to offer encryption products for criminal purposes. However, such cases are likely already covered by existing aiding and abetting laws, and it seems easy to circumvent such statutes simply by marketing the product for another purpose.
Several of the options above contemplate government regulation of service providers and vendors. Such measures could be brought to bear in a variety of ways and circumstances and applied narrowly or broadly. The following are some of the relevant dimensions of this context:
- Scope. Regulation might be very broad, encompassing both enterprise and personal stored data and communications, or more narrow—for example, covering only access to the contents of smartphones or communications using consumer messaging applications.
- Type of data. Regulations might apply to encrypted data stored in devices, such as smartphones or laptops; data stored by cloud services; and/or the content of network communications.
- Type of user. Regulation might apply to all (or a subset of) commercial entities or private citizens. Notably, some regulated entities (e.g., banks) already have legal obligations to provide data, and enterprises need recovery methods for business continuity. By contrast, private citizens do not generally have such regulatory requirements; they may nevertheless opt for a capability to recover their data. The situation is blurred when people use personal devices in business settings and further complicated because the same devices and services are often used in both personal and business settings.
- Application layer. Regulations might apply only to encryption provided by a device’s operating system, which would provide access to information not otherwise encrypted, but they would not enable access to data separately encrypted by individual applications. Alternatively, regulations might be applied to applications that run on a device or the services to which the applications connect.
- Different crimes or intelligence priorities. For example, individuals might be compelled to reveal a passcode only if needed for the investigation of serious crimes, which could be argued to limit the impact on civil liberties.
Chapter 7 provides an evaluation framework in the form of questions that the committee believes must be addressed in any proposal to provide government access to plaintext. The objective of this framework is not only to help policymakers determine whether a particular approach is optimal or desirable, but also to help ensure that any approach that policymakers might pursue is implemented in a way that maximizes its effectiveness while minimizing harmful side effects. The questions are as follows:
- To what extent will the proposed approach be effective in permitting law enforcement and/or the intelligence community to access plaintext at or near the scale, timeliness, and reliability that proponents seek?
- To what extent will the proposed approach affect the security of the type of data or device to which access would be required, as well as cybersecurity more broadly?
- To what extent will the proposed approach affect the privacy, civil liberties, and human rights of targeted individuals and others?
- To what extent will the proposed approach affect commerce, economic competitiveness, and innovation?
- To what extent will financial costs be imposed by the proposed approach, and who will bear them?
- To what extent is the proposed approach consistent with existing law and other government priorities?
- To what extent will the international context affect the proposed approach, and what will be the impact of the proposed approach internationally?
- To what extent will the proposed approach be subject to effective ongoing evaluation and oversight?
The reader may find it helpful to keep these questions in mind when reading the examples and analysis in subsequent chapters of this report.