Bipartisan House Group Warns Against Weakening Encryption

The bipartisan group of lawmakers who have been studying encryption released a year-end report on Tuesday arguing against laws that would weaken encryption protections on computers and devices.

The House Encryption Working Group said finding ways to allow police to break into encrypted devices “is not in the national interest,” even if it is done to help law enforcement gain access to information pertaining to an investigation.

But, the group added, lawmakers also must find ways to ensure that the legitimate concerns of law enforcement and intelligence communities about encryption are addressed.

“This can no longer be an isolated or binary debate,” the report concluded, adding that there is “no ‘us versus them,’ or ‘pro-encryption versus law enforcement.’”

The group is a joint project of the House Energy and Commerce and Judiciary Committees, founded by the chairmen and ranking members of each panel in the wake of the March 2016 standoff between the Federal Bureau of Investigation and Apple Inc. over an encrypted iPhone used by a suspected terrorist in the San Bernardino mass shooting. The FBI asked Apple to build a backdoor vulnerability around the encryptions to open the phone, a step that Apple refused to take. The FBI eventually dropped the request.

In addition to the Judiciary Committee Chairman Bob Goodlatte (R-Va.), ranking member John Conyers (D-Mich.), Energy and Commerce Committee Chairman Fred Upton (R-Mich.) and ranking member Frank Pallone (D-N.J.), the working group consists of Reps. Yvette D. Clarke (D-N.Y.), Suzan DelBene (D-Wash.), Darrell Issa (R-Calif.), Bill Johnson (R-Ohio), Joe Kennedy III (D-Mass.), Adam Kinzinger (R-Ill.), Zoe Lofgren (D-Calif.) and Jim Sensenbrenner (R-Wis.).

Tuesday’s report touted the benefits of encryption to national security and consumer privacy and warned that any congressional crackdown on encryption technology would do little to stop its use by criminals.

People in other countries would continue to develop new encryption methods that would also be usable by criminals in America. Furthermore, the report said, draconian anti-encryption policies from government could push companies reliant on the technology out of the United States.

The report found significant gaps in the abilities of state and local law enforcement to work around encrypted computers or devices, noting that they are worse than the technology and practices deployed by federal law enforcement and intelligence agencies.

The group recommended that Congress work to close that gap by fostering cooperation between law enforcement agencies and the technology community.

The group also recommended that Congress assist law enforcement in developing alternative practices for investigations of encrypted data. That includes clarifying the legal means that investigators possess to compel the release of information, examining whether metadata analysis can substitute for the direct examination of encrypted data, and clarifying when and how investigators can legally hack into a suspect’s encrypted files.

The Encryption Working Group was criticized earlier this year for inactivity, after reports emerged in September that lawmakers in the group had only met once since its founding. Committee aides told Morning Consult at the time that “scheduling snafus” had forced staff to cancel meetings between the involved lawmakers.