FBI Director James Comey speaks about the impact of technology on law enforcement, on October 16, 2014.

FBI Director James Comey speaks about the impact of technology on law enforcement, on October 16, 2014. Jose Luis Magana/AP

White House Push To Allow FBI Phone Hacks Could Hurt Intelligence Gathering

Two former Navy SEALs say that the White House and FBI push against encryption will hurt troops, intelligence gathering. By Patrick Tucker

Through public speeches and secret meetings, FBI Director James Comey has been pushing to stop companies like Apple and Google from encrypting users’ phone data. Two former Navy SEALs say that the policy that the FBI and the Justice Department are pursuing would hurt men and women in uniform and possibly even our allies by forcing  them to use insecure devices and services for communication.

Here’s how the fight over encryption took form. In September, Apple announced that its most recent operating system update for the iPhone, the iOS 8, would encrypt phone data.

“On devices running iOS 8, your personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes and reminders is placed under the protection of your passcode….Unlike our competitors, Apple cannot bypass your passcode and therefore cannot access this data… So it’s not technically feasible for us to respond to government warrants,” Apple says in a notice on the privacy portion of its website.

Google followed, announcing an encryption update for its Android 5.0 Lollipop operating system. As Yahoo Tech’s Rob Pegoraro reports, that will affect the Nexus 6 first and other phones soon after.

Upon news of the announcement, Comey responded by condemning encryption, first speaking out at a Brookings Institution event, saying that Apple and Google’s decision was going to take the country to a  “very dark place” where law enforcement “misses out” on crucial evidence to stop terrorists and gather evidence against criminals. Comey approached the president and, along with representatives from the Justice Department, briefed members of the House in a classified session. Legislatively, the lawmakers could easily block Apple and Google from offering encryption by updating the Communications Assistance for Law Enforcement Act, which mandates that telephone companies like AT&T and Verizon build backdoors into their networks to allow taping. But the 1994 law doesn’t apply to companies like Google and Apple or other newer networks, so an update to the law could force the companies to allow law enforcement easier access to user data.  

At a moment when the United States is conducting a military campaign to disrupt, dismantle and defeat ISIL, now is not the time to be considering legislation that takes away the exact tools we need to combat ISIL.
Sen. Mitch McConnell, R-Ky.
Senate Majority Leader

How do lawmakers feel about that? Despite widespread public concern about government electronic spying on the public, on Nov. 18 the Senate effectively killed the only NSA reform measure to come out of the Snowden scandal, the so-called Freedom Act.

Incoming Senate Majority Leader Mitch McConnell, R-Ky. even said that the fight against the Islamic State means that the U.S. can’t consider reforming the way the government collects bulk meta data and that’s via phone. “At a moment when the United States is conducting a military campaign to disrupt, dismantle and defeat ISIL, now is not the time to be considering legislation that takes away the exact tools we need to combat ISIL.”

All of that suggests that some lawmakers are more open to Comey’s arguments now that the midterm elections are over. 

(Read More: The FBI's Quiet Plan To Expand Its Hacking Powers)

Vic Hyder and Mike Janke, two former Navy SEALs with the company Silent Circle, say that the FBI’s plan to block phone makers and service providers from offering phone encryption would make it significantly more difficult for deployed people to communicate back home and even for members of the intelligence community to communicate with sources.

Importantly, Hyder and Janke aren’t exactly unbiased in this fight. Silent Circle, the company that Janke launched in 2012 with computer scientist Philip Zimmermann, sells encryption services—and devices—to the public. They offer different encryption apps that they sell through the App store and through Google Play that allow users to encrypt their phone calls contacts and tests. They also sell encryption calling plans to members. Hyder is the company’s chief strategy officer.

In June, the company debuted a smart phone called the Blackphone. They already have customers within the U.S. military.

While they acknowledge that their opposition is borne out of self-interest, they say that blocking encryption would also hurt their customers, which includes a lot of men and women on the front lines. “If Director Comey’s efforts actually resulted in legislative change to halt the sale of encryption or encryption services, he would only be hurting the American people, businesses, government entities who Silent Circle’s encrypted communication services are currently protecting,” Janke told Defense One.

The intelligence community today is a great deal larger and more diverse than it was 50 years ago. Getting good sources to talk becomes more difficult if secure communication is the sole right of a small handful of people. 

Janke started the company as a way to actually meet a military neednot so much as a replacement for tactical communications (many which have their own security problems), but rather to enable troops to stay better connect with family on the other side of the world without giving away data to potential adversaries or hackers.

“Where this comes in to play is when [troops] are calling home and they pop up on their mobile phones and use Skype. It’s hackable, not secure and not approved for government use. We wanted something for those mobile phones to give privacy back. The company started for the purpose of helping deployed troops and human rights advocates speaking out against their governments,” Hyder told Defense One. “Comey’s telling the guys they can’t communicate back home without an Iridium phone,” he said, referring to a pricy satellite phone that can run into thousands of dollars and offers no smartphone functionality.

Zimmermann elaborated on the threat to soldiers posed by communication over insecure networks and platforms like Skype, but the growing need to stay-connected, especially over frequent and long deployments, makes less secure communication back home from the front lines inevitable.

“Suppose a U.S. soldier is talking to his family back home and he’s using a tool that doesn’t encrypt things,” said Zimmermann, "there will be leakage of information… things he talks about with his family. That’s just the place where the military intersects their civilian lives. You can’t have backdoors in this stuff because those backdoors will be exploited... Look at how the Chinese government exploited the back doors in Google services that Google built in for law enforcement.”

The FBI’s nascent war on encryption is all too familiar to Zimmermann, who is also the creator of Pretty Good Privacy or PGP, one of the most used e-mail encryption software packages in the world. Since Zimmermann first published it for free on the Internet in 1991, PGP has helped thousands of people around the world communicate more securely, including people the intelligence and the military community.

But some in government saw the act of publishing PGP as a potential violation of U.S. export arms restrictions (cryptographic software, according to this line of thinking, constitutes a weapon). Zimmermann spent three years under criminal investigation. The world now relies on software like PGP and encryption in general.

“I would like to point out that the legislative environment today is different from the 1990s.” Back then, he said, “You had to justify your use of crypto,” and attempting to send messages in secret suggested, perhaps reasonably, that you had something to hide that might be of value to the national security community. Today cyber-security is rising as a consumer, business and national security concernand encryption is a key part of making networks, devices and data more secure..

“If you are a doctor and your hospital doesn’t encrypt records, you’re in violation of HIPAA Law,” said Zimmermann, referring to the Health Insurance Portability and Accountability Act. A world without encryption is one where hackers in China and Russia can much more easily commit financial and even military espionage, of the sort that has garnered attention recently from the press and from lawmakers. One example of that is the recent cyber attacks from China aimed at U.S. Transportation Command.

You can’t have backdoors in this stuff because those backdoors will be exploited.
Philip Zimmermann
Co-founder, Silent Circle

The governments of Mexico, Brazil, Ukraine, Trinidad and Tobago, Saudi Arabia, Jordan, Singapore and Germany are all using Silent Circle’s services for secure communication. “I was told the Queen of England was notified of the baby's birth last year via Silent Phone due to the law requiring secure communication methods used to inform her first,” said Hyder.

The company says that legislation making encryption unavailable to the public could also hurt intelligence collection. The intelligence community today is a great deal larger and more diverse than it was 50 years ago. Potential sources of information in places like northern Iraq or China may be much less likely to provide actionable intel if they can’t communicate over a secure medium with U.S. agents, contractors, journalists or intermediaries. Getting good sources to talk becomes more difficult if secure communication is the sole right of a small handful of people. 

“As [human intelligence] assets report on current activities to journalists or government agents from hotbeds around the world, they can do so knowing they are protected from prying ears who would imprison or kill them for the information they are providing. Silent Circle’s encryption not only increases the flow and quality of information that can be used to target criminal elements but also protect those who are in the fray assigned to collect and report,” Janke said.

It’s a sales pitch, of course, but Janke’s claim is backed up, at least a bit, by the sorts of clients they service.

“A lot of the guys I’ve worked with over the years [primarily in military intelligence] have come in asking about the Blackphone and have purchased in small numbers,” said Hyden. The concern among these spies was the safety of their sources, people with whom they needed to communicate but who wouldn’t be safe carrying around U.S. military equipment.

The vulnerability of conventional phone and text communication could even affect the intelligence environment in Iraq and Syria, where the rapid rise of the Islamic State resulted, according to some, from a lack of U.S. human intelligence on the ground.

“I heard about a journalist in Damascus who was calling her editor to report what was going on in a cell phone. It caught the attention of the Syrian Regime. They intercepted that and there was a banging on her hotel room door not long after. She had to escape out the back. She got Blackphone and that solved the problem,” Zimmermann said.

(Related: Democrat to NSA: Forget Congress, Stop Mass Spying Now)

In working to block Google, Apple and potentially Silent Circle, from offering encryption, Comey is being shortsighted, Zimmermann said. “The FBI is enjoying the golden age of surveillance. Some of this comes form pervasive cameras, facial recognition, optical reading tech and transaction data. Comey is talking about a few pixels. He has an enormously lucrative environment for surveillance today that he never had before.”

Bottom line for Zimmermannencryption is now a tool that can make the world more secure. Despite Comey’s dire warnings about how allowing everyone to talk more securely would make law enforcement harder, agents in the field understand its value. For evidence of that refer to a talk Zimmermann gave at this years DefCon event in Law Vegas in August, long before Comey’s recent moves.

“The FBI visited us at our office,” Zimmermann recalled. “They said ‘We’re here to ask about pricing.’”

X
This website uses cookies to enhance user experience and to analyze performance and traffic on our website. We also share information about your use of our site with our social media, advertising and analytics partners. Learn More / Do Not Sell My Personal Information
Accept Cookies
X
Cookie Preferences Cookie List

Do Not Sell My Personal Information

When you visit our website, we store cookies on your browser to collect information. The information collected might relate to you, your preferences or your device, and is mostly used to make the site work as you expect it to and to provide a more personalized web experience. However, you can choose not to allow certain types of cookies, which may impact your experience of the site and the services we are able to offer. Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our First Party Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). For more information about the First and Third Party Cookies used please follow this link.

Allow All Cookies

Manage Consent Preferences

Strictly Necessary Cookies - Always Active

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data, Targeting & Social Media Cookies

Under the California Consumer Privacy Act, you have the right to opt-out of the sale of your personal information to third parties. These cookies collect information for analytics and to personalize your experience with targeted ads. You may exercise your right to opt out of the sale of personal information by using this toggle switch. If you opt out we will not be able to offer you personalised ads and will not hand over your personal information to any third parties. Additionally, you may contact our legal department for further clarification about your rights as a California consumer by using this Exercise My Rights link

If you have enabled privacy controls on your browser (such as a plugin), we have to take that as a valid request to opt-out. Therefore we would not be able to track your activity through the web. This may affect our ability to personalize ads according to your preferences.

Targeting cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.

Social media cookies are set by a range of social media services that we have added to the site to enable you to share our content with your friends and networks. They are capable of tracking your browser across other sites and building up a profile of your interests. This may impact the content and messages you see on other websites you visit. If you do not allow these cookies you may not be able to use or see these sharing tools.

If you want to opt out of all of our lead reports and lists, please submit a privacy request at our Do Not Sell page.

Save Settings
Cookie Preferences Cookie List

Cookie List

A cookie is a small piece of data (text file) that a website – when visited by a user – asks your browser to store on your device in order to remember information about you, such as your language preference or login information. Those cookies are set by us and called first-party cookies. We also use third-party cookies – which are cookies from a domain different than the domain of the website you are visiting – for our advertising and marketing efforts. More specifically, we use cookies and other tracking technologies for the following purposes:

Strictly Necessary Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Functional Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Performance Cookies

We do not allow you to opt-out of our certain cookies, as they are necessary to ensure the proper functioning of our website (such as prompting our cookie banner and remembering your privacy choices) and/or to monitor site performance. These cookies are not used in a way that constitutes a “sale” of your data under the CCPA. You can set your browser to block or alert you about these cookies, but some parts of the site will not work as intended if you do so. You can usually find these settings in the Options or Preferences menu of your browser. Visit www.allaboutcookies.org to learn more.

Sale of Personal Data

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Social Media Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.

Targeting Cookies

We also use cookies to personalize your experience on our websites, including by determining the most relevant content and advertisements to show you, and to monitor site traffic and performance, so that we may improve our websites and your experience. You may opt out of our use of such cookies (and the associated “sale” of your Personal Information) by using this toggle switch. You will still see some advertising, regardless of your selection. Because we do not track you across different devices, browsers and GEMG properties, your selection will take effect only on this browser, this device and this website.