WASHINGTON -- Paris public prosecutor Francois Molins said on Wednesday that a cell phone found in a trash can outside the Bataclan concert hall belonged to one of the perpetrators of last week's terrorist attack. But he did not say how law enforcement accessed the incriminating information on the phone, raising questions about whether the phone was encrypted.
U.S. lawmakers and police have pointed to the Paris attacks, which are linked to the Islamic State group, as reason to support weakening encryption technology used by private American citizens and companies. The New York Times reported on Monday that American and French officials had yet to produce definitive evidence to support their belief that the terrorists relied on encryption.
The discovery of the cell phone trashed outside the Bataclan, where 89 people were killed out of the 129 total, may enter into the encryption debate. The phone contained a detailed plan of the attack on the concert hall, French news outlets reported. Investigators also told Le Monde they used geolocation services on the phone to find a suburb where one of the attackers was last seen.
Molins said in a press conference on Wednesday that an SMS text message that translates to, "Let's go, we're starting" was sent on the cell phone from one of the attackers to an unknown person. He didn't specify how law enforcement got this information. France’s Ministry of Interior did not respond to a request for comment.
Depending on how the phone was encrypted, law enforcement could have accessed it regardless. But the presence of text messages and other information also raises the possibility that the attacker's communications were not encrypted at all. Apple, for example, encrypts new iPhones by default, and the company itself promises that it can't unlock one and extract user data.
The Obama administration has claimed the Islamic State uses encryption, and intelligence officials contend that it makes terrorism plots more difficult to foil. Silicon Valley has strongly fought government efforts to weaken encryption, with critics noting that such efforts could backfire and enable malicious hackers. The Obama administration has appeared to concede the point, backing away from legislation that would require companies to build backdoors for government snooping.
But in wake of the Paris attacks, anti-encryption efforts are back in the spotlight. Sen. Tom Cotton (R-Ark.) introduced legislation on Tuesday to delay an expiration date on controversial National Security Agency surveillance. Senate Intelligence Committee Chairman Richard Burr (R-N.C.) told The Washington Post on Tuesday, “We don’t have a responsibility to sell their products. We have a responsibility to keep America safe … and if it means people are going to have to change their business models, then so be it.”
And on Sunday, New York Police Commissioner Bill Bratton made a direct link between the attacks on Paris and encryption while on CBS's "Face of the Nation." “These apps, these devices that now allow these terrorists to operate without fear of penetration by intelligence services. This is the first example of this," he said.
Privacy advocates said it's far too soon to be using the Paris attacks as justification for these efforts. If the phone was unencrypted, that "highlights the need to not engage in reactionary responses to these really horrific incidents, and instead wait until we have the facts," said Amie Stepanovich, U.S. policy manager at Access, a digital rights group.
"Even if the attackers had been using encryption, we think that to engage in conversations about policies that would shut down the use of millions, if not billions of innocent users to protect their data...would be incredibly premature," she added.
"Politicians and the intelligence industry are exploiting this tragedy to pass policies they've wanted for years," said Tiffiniy Cheng, co-founder of Fight for the Future, an activist group.