National Security Agency Director Adm. Michael Rogers on Thursday insisted “encryption is foundational to the future.”
“So spending time arguing about 'Hey, encryption is bad and we ought to do away with it,' that’s a waste of time to me,” Rogers added during remarks at the Atlantic Council, an international affairs think tank.
In the wake of the terror attacks in Paris and San Bernardino, Calif., law enforcement and some lawmakers have been pressing tech companies to give investigators guaranteed access to secure data. They say encryption has allowed terrorists and criminals to operate out of sight of investigators.
But the tech and privacy community have resisted the push. They say any type of guaranteed access to data introduces vulnerabilities that weaken encryption and expose everyday Internet activity to hackers.
Rogers did not directly back one argument over the other, but he did emphasize the importance of strong encryption.
He also vouched for further adoption of encryption, especially in light of the recent hacks at the Office of Personnel Management (OPM), which exposed over 20 million federal workers’ sensitive data. The agency was knocked for not having wide encryption adoption prior to the intrusions.
Rogers stressed that encryption was a fact of modern life and agencies such as the NSA have to work on novel approaches to get at encrypted information that might not be accessible using traditional techniques.
“So what we’ve got to ask ourselves is, given that foundation [of encryption], what’s the best way for us to deal with it?” he said. “And how do we meet those very legitimate concerns from multiple perspectives?”
On Capitol Hill, lawmakers are debating how — and whether – they should regulate encryption.
Senate Intelligence Committee Chairman Richard BurrRichard BurrTop Intel Dem: Congress 'far from consensus' on encryption Trump must be an advocate for the Small Business Administration Dems pledge to fight Sessions nomination MORE (R-N.C.) is working on a bill with his committee’s ranking member, Sen. Dianne FeinsteinDianne FeinsteinOvernight Energy: Senate Dems set to fight water bill White House could make 'torture' report public, says Intel Dem Top Intel Dem: Congress 'far from consensus' on encryption MORE (D-Calif.), that would force companies to decrypt data under court order. Currently, companies like Apple argue their encryption makes them incapable of unlocking certain types of data.
A pair of lawmakers – House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark WarnerTop Intel Dem: Congress 'far from consensus' on encryption Overnight Cybersecurity: Watchdog seeks release of Clinton aide's deposition Overnight Tech: FCC eyes cybersecurity role | More trouble for spectrum auction | Google seeks 'conservative outreach' director MORE (D-Va.) — worry that such a bill would weaken encryption. They’re pushing legislation that would establish a national committee to study the topic first, then present potential suggestions to Congress about how police could get at encrypted data without endangering Americans’ privacy.
“I’m not a person who argues the imperative is security and that ought to drive everything,” Rogers said Thursday. “Likewise, I’m not a person who says the imperative has got to be privacy and that ought to be everything.”
“We’ve got to meet these two imperatives,” he added. “We’ve got some challenging times ahead of us, folks.”