National Security Agency Director Adm. Michael Rogers on Thursday insisted “encryption is foundational to the future.”
“So spending time arguing about 'Hey, encryption is bad and we ought to do away with it,' that’s a waste of time to me,” Rogers added during remarks at the Atlantic Council, an international affairs think tank.
In the wake of the terror attacks in Paris and San Bernardino, Calif., law enforcement and some lawmakers have been pressing tech companies to give investigators guaranteed access to secure data. They say encryption has allowed terrorists and criminals to operate out of sight of investigators.
But the tech and privacy community have resisted the push. They say any type of guaranteed access to data introduces vulnerabilities that weaken encryption and expose everyday Internet activity to hackers.
Rogers did not directly back one argument over the other, but he did emphasize the importance of strong encryption.
He also vouched for further adoption of encryption, especially in light of the recent hacks at the Office of Personnel Management (OPM), which exposed over 20 million federal workers’ sensitive data. The agency was knocked for not having wide encryption adoption prior to the intrusions.
Rogers stressed that encryption was a fact of modern life and agencies such as the NSA have to work on novel approaches to get at encrypted information that might not be accessible using traditional techniques.
“So what we’ve got to ask ourselves is, given that foundation [of encryption], what’s the best way for us to deal with it?” he said. “And how do we meet those very legitimate concerns from multiple perspectives?”
On Capitol Hill, lawmakers are debating how — and whether – they should regulate encryption.
Senate Intelligence Committee Chairman Richard BurrRichard BurrBurr: US in new Cold War with Russia Senator: No signs of GOP 'slow-walking' Russia investigation GOP senator hits back at criticism of Russia probe MORE (R-N.C.) is working on a bill with his committee’s ranking member, Sen. Dianne FeinsteinDianne FeinsteinComey to testify before Senate Judiciary Committee House cyber chairman wants to bolster workforce Trump, lower court nominees need American Bar Association review MORE (D-Calif.), that would force companies to decrypt data under court order. Currently, companies like Apple argue their encryption makes them incapable of unlocking certain types of data.
A pair of lawmakers – House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark WarnerOvernight Cybersecurity: DNC hackers also targeted French presidential candidate | Ex-acting AG Yates to testify at Senate Russia hearing Schumer: Senate Russia probe moving too slowly Senate Intel Dem has ‘serious concerns’ on Russia probe MORE (D-Va.) — worry that such a bill would weaken encryption. They’re pushing legislation that would establish a national committee to study the topic first, then present potential suggestions to Congress about how police could get at encrypted data without endangering Americans’ privacy.
“I’m not a person who argues the imperative is security and that ought to drive everything,” Rogers said Thursday. “Likewise, I’m not a person who says the imperative has got to be privacy and that ought to be everything.”
“We’ve got to meet these two imperatives,” he added. “We’ve got some challenging times ahead of us, folks.”