WASHINGTON -- The failure to pick up communications between terrorists involved in the deadly Paris attacks last week is feeding a belief in Washington that encryption technology was used to carry out the assault.
French officials found a cell phone near the Bataclan concert hall on Wednesday that they tied to one of the attackers. They wouldn’t say if data on the phone was encrypted.
Still, senators on Capitol Hill are moving forward with a review of encryption use, and are weighing whether to pursue legislation to weaken it.
“Encryption is used by terrorists to communicate and we have no insight even with a court order,” Sen. Richard Burr (R-N.C.) said on Wednesday.
Burr told The Huffington Post that the Intelligence Committee, which he chairs, plans to take a thorough look at encrypted data in the coming weeks.
“The fact that we didn’t pick up any communications is probably a pretty good indication that it was used,” Burr said when asked if there was any evidence that the Paris attackers used encrypted channels to plan the deadly strikes.
A day earlier, after the Intelligence Committee held a closed-door briefing on the attacks, Burr said terrorism suspects in Belgium, France and Syria likely used encryption.
“It’s a wake-up call for America and our global partners that ... we need to begin the debate on what we do on encrypted networks, because it makes us blind to communications and to the actions of potential adversaries,” Burr said.
Sen. Dianne Feinstein (D-Calif.), the top Democrat on the Intelligence Committee, joined Burr in arguing that encrypted technology limits the amount of “good intelligence” government officials are able to access. “And only good intelligence is going to keep people safe,” she said.
Burr and Feinstein both clarified that they aren't yet pursuing legislation on encryption, but want to explore the issue more. Sen. Tom Cotton (R-Ark.), meanwhile, is pushing for a new measure to extend a sweeping National Security Agency telephone data-collection program that is set to expire on Nov. 29.
Due to mounting privacy concerns, the administration had all but given up on forcing tech companies to decrypt data for law enforcement. Silicon Valley and Washington have recently been locked in a back-and-forth struggle over security and consumer protections as lawmakers considered a cybersecurity sharing bill and the renewal of NSA’s bulk data collection under the USA Freedom Act, first passed in the wake of the Sept. 11 terrorist attacks.
Late last month, the White House abandoned its attempt to get Congress to pass legislation requiring companies to hand over decoded communications.
Still, Friday’s terrorist attacks in Paris have enabled lawmakers concerned about encryption to assert their views more forcefully.
“It’s just astonishing to me how those advocates of ridding us of any government involvement in our lives have now become strangely quiet,” Sen. John McCain (R-Ariz.) said Wednesday, taking a jab at some libertarians within the Republican conference who had opposed renewing the NSA bulk data collection program and argued for more privacy.
The events in Paris, McCain argued, have proven privacy advocates “wrong.”
In its review of encryption use, the Senate should also determine “whether there should be a key or not that’s held by the government that only through a court order the government could use,” he added.
A key, or a backdoor, is an opening that companies build into products, such as computers or phones, to be able to get through encryption software easily and gain access to information about cyber or terrorist threats when needed.
Sen. Dick Durbin (D-Ill.), the second ranking Democrat in the Senate, also blamed encryption for hindering officials' ability to track terrorist plots.
“We are told by the major agencies that are in charge of domestic security that encryption is now a major problem in terms of following the communications of those who would be terrorists and harm the U.S.,” Durbin said when discussing the Paris attacks. “I want to know what we can do to give [government officials] access.”
Tech companies will likely fight such efforts. Creating a master key, or backdoor, for encrypted apps and devices would only make everyone less safe, and could potentially backfire if hackers exploit it, critics say. It’s unclear if weakening the strong default encryption now provided on all Apple iPhones -- and soon, on Androids -- would prevent terrorism at all.
“My view is it’s important to be very careful about some of these knee-jerk approaches that don’t give you more security and put at risk your liberty,” said Sen. Ron Wyden (D-Ore.), a staunch privacy proponent. “Requiring U.S. companies to weaken encryption when terrorists can fairly easily obtain advanced encryption products around the world doesn’t make much sense to me.”
Durbin, among others, wasn’t convinced. “There are things that are more important than the profitability of a private company,” Durbin said. “I think the security of the U.S. is.”
Also on HuffPost:
