McCain: Inaction on encryption 'furthering the cause of child pornographers'

McCain: Inaction on encryption 'furthering the cause of child pornographers'
© Getty

At a Senate Armed Services Committee hearing Thursday, Chairman John McCainJohn Sidney McCainTrump gives nod to vulnerable GOP Sen. McSally with bill signing Democrats need a 'celebrity' candidate — and it's not Biden or Sanders Juan Williams: The high price of working for Trump MORE (R-Ariz.) lashed out at colleagues for not mandating all encryption be accessible by law enforcement. 

“We are furthering the cause of child pornographers and human traffickers,” said McCain about the continued inaction of Congress. 

The witness pool was a largely one-sided affair in what is normally a controversial issue. The hearing featured Kenneth Wainstein, a former assistant attorney general for national security at the Department of Justice; John Inglis, the Robert and Mary M. Looker professor in Cyber Security Studies at the Naval Academy; and Cyrus Vance, the district attorney for Manhattan. All were in favor of regulating encryption. 

In his introductory remarks, McCain said Apple Chief Executive Tim Cook was invited to speak at the meeting and declined. 

Vance said his office had more than 310 phones running undecryptable versions of Apple iOS. Those phones could contain data relevant to criminal or terrorism cases. Vance said he advocated federal legislation for all phones made or sold within the U.S. to hold all data in a way that is accessible to the manufacturers. 

“The solution, spelled out in our 2015 report, doesn’t require new technology, or any government back door,” he said. 

Most security experts bristle with both counts — very few draw a distinction between the security risks caused by a government back door and a manufacturer one. The Stuxnet virus, famously, was based on a breach of vendor-controlled system keys that were rarely removed from a vault, unlike the perpetually out-of-a-vault keys that would need to be used for a steady stream of government warrants. 

To provide the same high level of security as end-to-end encryption, encryption which only the sender or receiver are able to crack, experts say a system with a back door would require not only new but scientifically impossible technology. 

Encryption is an important tool to protect online banking transactions, keep business documents safe from industrial espionage and prevent personal data from being taken in a breach. 

The United States is not the only country that produces encryption technologies, which like all software is easy to spirit across borders, adding a further wrinkle to its regulation. 

“I don’t think any of you are suggesting — or are you — that we can deal with the apps [ISIS head Abu Bakr] al-Baghdadi is using. I think we need to clarify this discussion,” said Sen. Angus KingAngus Stanley KingAngus King: 'Mueller passed the obstruction question to the Congress and Barr intercepted the pass' Hillicon Valley: Washington preps for Mueller report | Barr to hold Thursday presser | Lawmakers dive into AI ethics | FCC chair moves to block China Mobile | Dem bill targets 'digital divide' | Microsoft denies request for facial recognition tech Dems introduce bill to tackle 'digital divide' MORE (I–Maine). “You’re talking about the Apple case and compelling tech companies to provide access to devices. But am I not correct that Encryption — that’s a done deal?”

“I think it is, sir. It’s a done deal,” said  Inglis. 

But the witnesses, like McCain, were still frustrated by the lack of legislative action to at least take a first step. 

“It’s up to Congress to make the point legislatively, that unless you voluntarily accept a solution to this, it’s of such paramount importance to national security and to the enforcement of our laws that we are going to legislate it,” said Wainstein.