Yesterday, former Secretary of State Hillary Clinton outlined her national security plan against the Islamic State, speaking at the University of Minnesota in Minneapolis. From the transcript of her speech, it seems that the question of end-to-end encryption has now reached the Democratic presidential race. While Mrs. Clinton does not expressly endorse backdoors, her remarks suggest that she apparently envisions some kind of voluntary cooperation between technology firms and the federal government. Most importantly, her comments seem to phrase encryption as a "problem" to be solved, even if she does not explicitly endorse granting law enforcement exceptional access to devices.
It is, of course, not the first time she has addressed the role of technology firms in combating terrorism. Earlier this month in a speech at the Brookings Saban Forum, Ms. Clinton noted that ISIS's use of "encrypted apps" will require "even more thinking about how to"..."shut off their means of communicating." In November, she called on Silicon Valley to collaborate with federal law enforcement in taking on terrorist networks online, and said that "we need Silicon Valley not to view government as its adversary."
Her most relevant comments from yesterday are below, with her specific remarks on encryption italicized:
Third, we have to discover and disrupt jihadist plots before they can be carried out. This is going to take better intelligence collection, analysis, and sharing. I’ve proposed an “intelligence surge” against ISIS that includes more operations officers and linguists, enhancing our technical surveillance of overseas targets, intercepting terrorist communications, flying more reconnaissance missions to track terrorists’ movements, and developing even closer partnerships with other intelligence services.
President Obama recently signed the USA Freedom Act, which was passed by a bipartisan majority in Congress. It protects civil liberties while maintaining capabilities that our intelligence and law enforcement agencies need to keep us safe. However, the new law is now under attack from presidential candidates on the left and right. Some would strip away crucial counterterrorism tools, even with appropriate judicial and congressional oversight. Others seem eager to go back to discredited practices of the past.
I don’t think we can afford to let either view prevail. Now, encryption of mobile devices and communications does present a particularly tough problem with important implications for security and civil liberties. Law enforcement and counterterrorism professionals warn that impenetrable encryption may make it harder for them to investigate plots and prevent future attacks. On the other hand, there are very legitimate worries about privacy, network security, and creating new vulnerabilities that bad actors can exploit.
I know there’s no magic fix to this dilemma that will satisfy all these concerns. But we can’t just throw up our hands. The tech community and the government have to stop seeing each other as adversaries and start working together to keep us safe from terrorists. And even as we make sure law enforcement officials get the tools they need to prevent attacks, it’s essential that we also make sure jihadists don’t get the tools they need to carry out attacks.