Trump Administration May Ban Encrypted Messaging Apps
Government officials want tech companies to put backdoors in encrypted communications apps — and may turn to Congress to make it happen.
Right now, you can chat with a friend using a number of messaging apps — be they iMessage, Facebook Messenger or WhatsApp — and be confident that your conversation is completely encrypted from one end to the other, unable to be intercepted by third parties. But if some of President Donald Trump's top security officials have their way, that peace of mind will be a thing of the past.
The story comes by way of Politico, which reported last week that second-in-command officials of several U.S. government agencies convened at the White House for a National Security Council meeting.
The topic: whether to ask Congress for legislation that would force Apple, Facebook and the like to build a government backdoor into encrypted messaging technologies and partly resolve the "Going Dark" issue that has vexed law enforcement for more than a decade.
The so-called "Deputies Committee" has reportedly not yet decided how to broach the issue, according to Politico’s anonymous sources. Two plans apparently under consideration were to either directly request legislation from lawmakers, or to issue a general statement stating the council’s position on encryption.
Differing attitudes among government departments reflect the complexity of the issue. For many years, the FBI and Department of Justice have said that the encryption status quo needs to be demolished so that criminal investigations can be conducted effectively.
The Commerce and State Departments have been concerned about the national-security implications of forcing tech firms to utilize less-robust encryption methods that the U.S. government can break.
Politico reports that the Department of Homeland Security is "internally divided" on the issue. Its former head, Michael Chertoff, has publicly come out in favor of civilian use of strong encryption, along with Mike McConnell, a former head of the NSA.
MORE: Best Encrypted Messaging Apps
Sign up to get the BEST of Tom's Guide direct to your inbox.
Get instant access to breaking news, the hottest reviews, great deals and helpful tips.
Should such a law pass, end-user privacy would likely be crippled as it would be easier for malicious parties, or foreign governments, to intercept individuals’ conversations through the backdoors intended for U.S. law enforcement.
On the flip side, criminals and terrorists might turn to lesser-known encrypted messaging apps like Telegram and Signal to discuss their plans. Telegram, already used by Islamic terrorists, is not a U.S. company, and Signal is an open-source project that anyone in the world can replicate. The U.S. could try banning both from American app stores, but that wouldn't stop Android users from side-loading the apps onto their phones.
The "Going Dark" issue has been bouncing around Washington since about 2005, when the FBI and DoJ began warning officials that they'd soon be unable to tap into communications or read encrypted stored data even with a warrant, a prediction that soon became true.
The administrations of George W. Bush and Barack Obama took no action on the issue, and congressional bills mandating government backdoors went nowhere. FBI Directors James Comey and Christopher Wray pleaded for it in vain, as did former U.S. Attorney General Loretta Lynch, but Silicon Valley has been resolutely opposed.
The National Security Council’s meeting last week represents the government’s first step toward restricting encryption since the December 2015 San Bernardino, California, terrorist attack and workplace shooting. The FBI asked for Apple’s help in accessing a locked iPhone used by one of the shooters, but Apple refused to comply because the company would have had to fundamentally undermine its own encryption standards.
The San Bernardino case was somewhat different from what the NSC Deputies Committee reportedly discussed last week, since the shooter's locked iPhone held encrypted stored data — "data at rest" in industry jargon. End-to-end encrypted messaging involves "data in motion," and cracking that may require different technological and legal methods.
Ultimately, the FBI was able to break into the iPhone without the company’s help and found nothing of significance. Apple responded by building a new security measure into iOS 11 the following year — USB Restricted Mode, which prevents iPhones from communicating with connected devices once they've been locked for a certain period of time.
USB Restricted Mode was designed to curtail tools like GrayKey, which are commonly used by law enforcement to break into authenticated iPhones when a password or PIN code isn't known.
It’s unclear where the encryption discussion will lead next. However, the security community within the government finally appears willing to force the issue again — so we'll likely be hearing more on this topic for months to come.
Adam Ismail is a staff writer at Jalopnik and previously worked on Tom's Guide covering smartphones, car tech and gaming. His love for all things mobile began with the original Motorola Droid; since then he’s owned a variety of Android and iOS-powered handsets, refusing to stay loyal to one platform. His work has also appeared on Digital Trends and GTPlanet. When he’s not fiddling with the latest devices, he’s at an indie pop show, recording a podcast or playing Sega Dreamcast.