WASHINGTON—Despite the challenges that widespread adoption of strong encryption poses for law enforcement seeking to intercept messages and prevent or investigate crime, a new report released today by the Information Technology and Innovation Foundation (ITIF), the leading think tank for science and technology policy, argues that legislative proposals to ban “warrant-proof encryption” or otherwise provide law enforcement with exceptional access to encrypted data, like Sen. Graham’s Lawful Access to Encrypted Data (LAED) Act, should be off the table. Such measures would be ineffective and shortsighted, the report concludes, and they would sacrifice long-term gains in cybersecurity and national competitiveness for limited law enforcement capabilities.
“Congress is considering an extreme and unjustified ‘nuclear option.’ Law enforcement calls for a federal ban on ‘warrant-proof encryption’ would do relatively little to take encryption out of the hands of bad actors, but history shows it would make commercial products less secure for ordinary consumers and businesses, and it would damage U.S. competitiveness,” says ITIF Vice President Daniel Castro, who authored the report. “Moreover, a close look at the key events that have shaped law enforcement access to encrypted data shows that this problem is not new: The ability of law enforcement to successfully access user data has varied at different points in history due to technological and legal limits.”
Given the long-standing opposition to restrictions on commercial encryption from civil society, academics, and technology companies, the debate over this technology is likely to remain a hotly contested policy issue. In addition, the steady deployment of ever-more-secure technologies will mean that encryption will continue to impact the methods and operations of law enforcement and the intelligence community, and these communities will have to adapt to new circumstances.
“There is room for reasonable debate about how to respond to this challenge and how to better equip law enforcement with the tools and resources it needs to make use of digital evidence,” Castro adds. “But the U.S. government’s policy should be to champion encryption at home and abroad as a foundation of building a secure and trustworthy Internet.”