The House Energy & Commerce Committee Tuesday took a deep dive into the tension between encryption and law enforcement. Among the takeaways were that Apple has made no decision about whether to encrypt information in the cloud and the company's assertion that it did not share source codes with China, though that government had asked for them.
The three-plus-hour hearing featured two panels, including witnesses from the FBI and Apple—though not on the same panel.
The poster case for the issue was FBI v. Apple over access to a San Bernardino shooter's encrypted cell phone information, but as House Energy & Commerce Committee chairman Fred Upton (R-Mich.) put it in his opening statement, "[i]t is important that we move beyond the 'us versus them' mentality."
Upton said there are valid concerns on both sides, and no ready answers, but that was no reason "to put our head in the sand or resort to default positions."
But the tensions were still obvious. Thomas Galati, chief of intelligence with the NYPD, said encryption leaves "the police, prosecutors, and the people we are sworn to protect in a very precarious position" and laid the blame at the feet of tech companies.
"What is even more alarming is that this position is not dictated by our elected officials, our judiciary system, or our laws. Instead, it is created and controlled by corporations like Apple and Google. These corporations have taken it upon themselves to decide who can access critical information in criminal investigations."
For his part, Apple general counsel Bruce Sewell said that strong encryption is "a good thing" and "a necessary thing" to protect consumers information. He also suggested that helping the government circumvent those protections would do more harm than good. "[T]he people subject to law enforcement inquiries represent far less than one-tenth of one percent of our hundreds of millions of users," he said. "But all of those users — 100% of our users would be made more vulnerable if we were forced to build a back door."
The FBI has said it does not want Apple to create a back door, just to call off the dogs so it can try to pick the lock on the front door if there are exigent circumstances, like getting info about terrorists or criminals.
Sewell suggested that there was a fundamental difference in perspective that needed resolving.
"As you heard from our colleagues in law enforcement, they have the perception that encryption walls off information to them," he said. "But technologists and national security experts don’t see the world that way. We see a data-rich world that seems to be full of information. Information that law enforcement can use to solve—and—crimes."
The Information Technology Industry Council saw the hearing as progress on a tough issue.
“Unlike most Washington debates, where people go into their separate corners and repeat ‘us versus them’ positions, a serious discussion is emerging between lawmakers and tech on encryption,” said ITIF SVP for government affairs Andy Halataei. “Members of Congress on both sides of the aisle are asking thoughtful questions to understand the critical role encryption plays in securing our digital world. These hearings are also giving lawmakers a better sense of the trade-offs involved for the security and safety of Americans that would occur by placing restrictions or limitations on encryption that would do more harm than good.”