McCain pushes for encryption legislation in fight against ISIS

McCain pushes for encryption legislation in fight against ISIS

Sen. John McCainJohn Sidney McCainTrump gives nod to vulnerable GOP Sen. McSally with bill signing Democrats need a 'celebrity' candidate — and it's not Biden or Sanders Juan Williams: The high price of working for Trump MORE (R-Ariz.) is calling for legislation that would require tech firms to build their products in such a way that they can crack open encrypted content in response to legal requests from authorities.


"By taking advantage of widely available encryption technologies, terrorists and common criminals alike can carry out their agendas in cyber safe havens beyond the reach of our intelligence agency tools and law enforcement capabilities. This is unacceptable," the Senate Armed Services chairman writes in a Bloomberg op-ed.

McCain’s proposal would not dictate “what those systems should look like.” Instead, it would require “technological alternatives” to end-to-end encryption, which prevents even the manufacturer from accessing communications.

“This would allow companies to retain flexibility to design their technologies to meet both their business needs and our national security interests,” McCain said. 

The proposal comes with lawmakers increasingly divided on the need for legislation to address encryption technology.

The top two members of the House Intelligence Committee said last week that they have not made any decisions about endorsing a bill regulating encryption standards.

“I don’t think we’re any closer to a consensus on that than we were, I think, six months ago,” Rep. Adam SchiffAdam Bennett SchiffHouse Dems demand Barr cancel 'inappropriate' press conference on Mueller report Dems attack Barr's credibility after report of White House briefings on Mueller findings Congress won't get Mueller report until after Barr press conference MORE, the committee’s top Democrat, said at a Christian Science Monitor breakfast. “Or if there is a consensus, it is that a legislative solution, I think, is very unlikely.”

Following the deadly terrorist attacks on San Bernardino, Calif. and Paris, fears that terrorists were using encryption technology to plan attacks beyond the reach of U.S. surveillance sparked a number of lawmakers to call for new legislation.

Senate Intelligence Committee Chairman Richard BurrRichard Mauze BurrThe Hill's Morning Report — Assange indictment adds new legal, political drama at DOJ Senate Intel chair: Assange put 'millions of lives at risk' Kudlow says Trump administration opposes government intervention in 5G MORE (R-N.C.) is working on a bill with his committee’s ranking member, Sen. Dianne FeinsteinDianne Emiel FeinsteinOnly four Dem senators have endorsed 2020 candidates GOP senators divided on Trump trade pushback Congress opens door to fraught immigration talks MORE (D-Calif.), that would force companies to decrypt data under court order.

But tech companies and cryptologists have pushed back, arguing that providing any guaranteed access to law enforcement opens up the day-to-day functions of the Internet — like banking — to hackers.

“There have been people that suggest that we should have a backdoor. But the reality is if you put a backdoor in, that backdoor's for everybody, for good guys and bad guys,” Apple CEO Tim Cook said in a December interview with “60 Minutes.”

Last fall, Apple rejected a court order to turn over communications sent using its iMessage feature, citing its encryption system.

McCain alluded to those concerns, but insisted “this is not the end of the analysis.”

“We recognize there may be risks to requiring such access, but we know there are risks to doing nothing,” McCain writes.

He compared his proposal to wiretap laws enacted in the 1990s that required telecommunications providers to “enable law enforcement officials to conduct electronic surveillance pursuant to court order,” but did not dictate the technology’s design.

Some lawmakers have taken a more measured approach. House Homeland Security Committee Chairman Michael McCaul (R-Texas) and Sen. Mark WarnerMark Robert WarnerGOP senators divided on Trump trade pushback Hillicon Valley: Trump unveils initiatives to boost 5G | What to know about the Assange case | Pelosi warns tech of 'new era' in regulation | Dem eyes online hate speech bill Warner looking at bills to limit hate speech, have more data portability on social media MORE (D-Va.) — worry that a bill like Burr’s and Feinstein’s offering would weaken encryption.

They’re pushing legislation that would establish a national committee to study the topic first, then present potential suggestions to Congress about how police could get at encrypted data without endangering Americans’ privacy or security.

McCain echoed FBI Director James Comey, who in recent months has sought to recast the question of how to provide access to encrypted data as a business challenge, not a technological one.

“We have to encourage companies and individuals who rely on encryption to recognize that our security is threatened, not encouraged, by technologies that place vital information outside the reach of law enforcement,” McCain wrote.

“Developing technologies that aid terrorists like Islamic State [in Iraq and Syria] is not only harmful to our security, but it is ultimately an unwise business model.”