FBI Boss: We Don’t Want Backdoors, but We Do Want Access to Encrypted Devices

Written by

The FBI has nearly 7800 devices it can’t access because of encryption, according to its director, who repeated calls yesterday for tech providers to find a solution to the issue that doesn’t involve creating backdoors.

In a speech to the International Conference on Cyber Security, Wray claimed the Feds were unable to access 7775 encrypted devices last year — far higher than the 6900 figure touted in October.

He argued this was fast becoming an “urgent public safety issue” which would only get worse over time unless US technology companies engineer a “responsible” solution.

“We’re not looking for a ‘back door’ – which I understand to mean some type of secret, insecure means of access,” he said. “What we’re asking for is the ability to access the device once we’ve obtained a warrant from an independent judge, who has said we have probable cause.”

However, experts have argued that the only way to give the FBI what it’s asking for is indeed engineering a de facto backdoor.

This would put the privacy and security of hundreds of millions of devices potentially at risk if it fell into the wrong hands, and could even be abused by over-reaching law enforcers, whilst putting pressure on providers like Apple to do the same in countries with poor human rights records, the argument goes.

Whilst admitting a possible solution “isn’t so clear-cut,” Wray’s main line of argument was that US companies lead the world in innovation, so they should be able to find a way to allow law enforcers limited access to devices for which they have a warrant, without breaking security for law-abiding users.

He also claimed that US tech firms are already acceding to requests for customer data by foreign governments, although crucially didn’t go as far as to claim firms like Apple had broken their own encryption to do so.

“The FBI supports information security measures, including strong encryption,” said Wray. “But information security programs need to be thoughtfully designed so they don’t undermine the lawful tools we need to keep this country safe.”

The news comes as researchers unveiled a new end-to-end encrypted group chat protocol, dubbed Asynchronous Ratcheting Tree (ART).

Facebook and Oxford University teamed up on the project, which overcomes inadequacies in current solutions where if one member of the group is hacked then all conversations can be accessed.

This latest innovation in encrypted messaging is unlikely to go down well with law enforcers on either side of the Atlantic.

What’s hot on Infosecurity Magazine?