Overnight Cybersecurity: Mueller makes new sealed filing in Manafort, Gates case | SEC updates cyber risk disclosure guidance | Global cost of cybercrime estimated at $600B
Lawmakers: No evidence San Bernardino shooters used encryption
Lawmakers on Thursday said there was no evidence yet that the two suspected shooters used encryption to hide from authorities in the lead-up to last week's San Bernardino, Calif., terror attack that killed 14 people.
"We don't know whether it played a part in this attack," Senate Intelligence Committee Chairman Richard Burr (R-N.C.) told reporters following a closed-door briefing with federal officials on the shootings.
But that hasn't ruled out the possibility, Burr and others cautioned.
"That's obviously one issue were very interested in," House Intelligence Committee ranking member Adam Schiff (D-Calif.) said. "To what degree were either encrypted devices or communications a part of the impediment of the investigation, either while the events were taking place or to our investigation now?"
The recent terror attacks in San Bernardino and Paris have shed an intense spotlight on encryption.
While no evidence has been uncovered that either plot was hatched via secure communications platforms, lawmakers and federal officials have used the incidents to resurface an argument that law enforcement should have guaranteed access to encrypted data.
"We've still got a big problem out there that we're going to have to deal with and it's called encryption," Burr said.
Since the government's secret surveillance programs were disclosed in 2013, prominent tech companies such as Apple and Google have moved to encrypt their customers' communications in an effort to keep the data away from government spies.
But now pressure is mounting on the tech community to decrypt data upon request.
Tech firms have protested that robust encryption locks out everyone, including the company itself. Any method that ensures access, they maintain, will simply expose data to hackers, as well as government officials.
Intelligence leaders on Capitol Hill worry this approach has hurt investigations into potential terrorists.
Burr suggested it might have even played a role in the accused San Bernardino shooters - Tashfeen Malik and Syed Rizwan Farook - going unnoticed for years, despite the FBI saying they had been radicalized for some time.
"Any time you glean less information at the beginning, clearly encryption probably played a role in it," he said. "And there were a lot of conversations that went on between these two individuals before [Malik] came to the United States that you would love to have some insight to other than after an attack took place."
Burr is backing two bills he believes could help investigators uncover budding terrorists.
The first, introduced this week with Senate Intelligence Committee ranking member Dianne Feinstein (D-Calif.), would require social media companies to report terrorist activity on their platforms.
"I think that bill makes common sense," Burr said. "I think companies would want to contribute to bringing down things that drive terrorism whether they're words or videos."
The second, which he is currently working on with Feinstein, would compel companies to comply with court orders requesting encrypted data.
"I think this world is really changing in terms of people wanting the protection and wanting law enforcement, if there is conspiracy going on over the Internet, that that encryption ought to be able to be pierced," Feinstein said during a hearing Wednesday.
Privacy advocates and tech industry groups have already pushed back against both efforts.