NEGATIVE - DISADVANTAGE – PRIVACY HURTS SECURITY

NEGATIVE - DISADVANTAGE — PRIVACY HURTS SECURITY — PROMOTING 202

ENCRYPTION INCREASES CRIMINAL ACTIVITY

EXTENSIONS

ENCRYPTION TECHNIQUES WILL DAMAGE LAW ENFORCEMENT AT ALL LEVELS

NEAL THOMPSON; The Buffalo News, February 2, 1999, SECTION: CLICK, Pg. 8E TITLE: WHITFIELD DIFFIE'S CRUSADE FOR PRIVACY // acs-EE2001

At a cryptography conference in Washington in June, Diffie flitted from seminar to pay phone to his laptop. From the last row of the auditorium, he listened to Deputy Attorney General Robert Litt defend the government's control over encryption.

"We're not trying to ban encryption. It's good for privacy; it's good for business," Litt said. "But it will have an adverse effect on law enforcement's ability to protect you. We're not only talking about the FBI and the NSA that'll be affected. We're talking about every police department in the country."

EASING ENCRYPTION CONTROLS WILL BE A DEVASTATING BLOW TO LAW ENFORCEMENT AND ACTION AGAINST TERRORISTS

The Boston Globe, July 14, 1999, SECTION: ECONOMY; Pg. E2 TITLE: Reno, Freeh: Don't ease controls on encryption; Scrambling technology a threat, they say // acs-EE2001

Any further easing of restrictions will make US-made encryption products all the more available and "will be devastating to law enforcement and damage national security," Freeh told the House Armed Services Committee. It would also reduce any incentive for industry voluntarily to develop technology both to protect electronic commerce and to give law enforcement a "key" to unscramble the information with a court's approval, Freeh said.

"Terrorists are now actually using encryption, which means that in the future we may wiretap a conversation in which the terrorists discuss the location of a bomb soon to go off, but we will be unable to prevent the terrorist act because we cannot understand the conversation," Reno said.

ENCRYPTION TECHNOLOGY MUST BE BALANCED WITH SAFETY ISSUES CONCERNING TERRORISTS AND CRIMINALS

Charles Barry Smith, Supervisory Special Agent/Unit Chief of the FBI's Digital Telephony and Encryption Policy Unit, 1999 / 2000; Journal of Legislation and Public Policy, "CURRENT U.S. ENCRYPTIONREGULATIONS: A FEDERAL LAW ENFORCEMENT PERSPECTIVE," EE2001-hxm lxnx

[*13] We, in the law enforcement community - whether at the federal, state, or local level, think that is great. We support an encryption policy that allows users to have the strongest, most powerful encryption available to them to protect their private communications and their sensitive stored data. We support that. What we are concerned about, however, are criminals and terrorists that threaten public safety by using commercially available encryption products to prevent law enforcement from engaging, pursuant to the Fourth Amendment, in reasonable searches based on probable cause of criminal activity. We believe this represents a serious threat to public safety.

DRUG TRAFFICKERS USE ENCRYPTION TECHNOLOGY TO EVADE POLICE

On another front, increasing numbers of drug traffickers along the southwest border of the United States are using encryption technology. As Agent Rohmer mentioned, the Drug Enforcement Administration (DEA) has now had over 500 individual intercepted telephone calls at the command and control level where drug cartels were using commercially available encryption products to encrypt their cellular phone conversations to prevent effective execution of the [*16] court-ordered intercept. n18 Currently, these products do not have a means through which law enforcement, acting pursuant to a Fourth Amendment court order, can gain plaintext access to the encrypted communication.

LAW ENFORCEMENT AGENCIES OPPOSE ENCRYPTION TECHNOLOGY BECAUSE IT HINDERS THEIR ABILITY TO DO THEIR JOB

Now, let me discuss law enforcement's ability to break encrypted information. The law enforcement community, unlike the intelligence community which is protected by export controls, is in the business of gathering evidence, not intelligence. Part of that process involves taking that evidence into a court of law. Under the Sixth Amendment, law enforcement must articulate how we obtained that evidence. As a result, law enforcement must divulge its capabilities to the defendant in open court - not specifically how we do it, but that we have a particular capability. Given this requirement, the capabilities of the intelligence community to decrypt encrypted information are not available to law enforcement, as it would undermine the intelligence community's mission if their capabilities had to be revealed.

Absent some form of key recovery or recoverable method, n19 a brute force attack will not meet law enforcement needs. If we are working on a terrorist case and intercept a communication that we believe to be in furtherance of criminal activity, and that communication is encrypted - say with PGP, which is 128 bit encryption, a brute force attack to decode one PGP message, using a Cray computer, would take nine trillion times the age of the universe. If a communication involves a plot to shoot down a jumbo jet out of O'Hare Airport, and I intercept that communication but cannot obtain the plaintext to prevent the attack, I am going to find out about it only after that plane goes down. That is not a hypothetical - it actually occurred in Chicago. We prevented a jumbo jet from being shot down because we used a wiretap; fortunately, the terrorists were not using encryption. This is our greatest fear, that, one day, a terrorist attack will succeed because law enforcement could not gain immediate access to the plaintext of an encrypted message, lawfully seized prior to the attack being carried out. This is why the law enforcement community is advocating that commercially available encryption products have some technical means that allow a law enforcement agency, acting pursuant to a Fourth Amendment warrant, to gain immediate [*17] plaintext access to those lawfully intercepted, encrypted, criminally related communications or those lawfully seized, encrypted, criminally related computer files; that way, we can effectively carry out our public safety mission.