AG Barr Fails to Recognize that Encryption Protects Against Real-World Harms in Re-Packaged Call for Encryption Back Doors

Today, U.S. Attorney General William Barr sought to re-state law enforcement’s misguided arguments against strong digital encryption that protects consumers, businesses, and governments from unwanted intrusions into devices and data. In remarks at Fordham University’s International Conference on Cyber Security, AG Barr echoed similar contentions to those used by law enforcement officials in the past, alleging that tech companies should be able to build backdoors into their products that can only be accessed by the government, and that criminal investigations are routinely hampered by so-called “warrant-proof” encryption.

New America’s Open Technology Institute (OTI) has long opposed any efforts by law enforcement to force tech companies to compromise their encryption algorithms. Weakening users’ digital security to create a backdoor for law enforcement would invite hackers and foreign governments to exploit that same vulnerability. AG Barr sought to add urgency to his appeal by claiming that law enforcement has been unable to thwart terrorist attacks and the operations of drug cartels due to the use of encryption, and he tried to portray encryption as protecting only against cybercriminals and online harms. But strong encryption not only allows millions of users to live their lives without worrying that criminals will steal their personal information through their devices, it also saves lives. Encryption protects domestic violence victims and others who may be subject to stalking and criminal behavior that create real-world harms.

Evidence continues to show that the law enforcement case for accessing encrypted devices is built on grossly overstated statistics and faulty reasoning. After top FBI and DOJ officials repeatedly claimed that investigators were locked out of nearly 7,800 encrypted devices related to criminal conduct, the FBI admitted the figure was dramatically inflated, and in truth was likely around 1,200 devices. In today’s speech, although the Attorney General sought to provide anecdotes of cases where investigations were thwarted, he failed to provide any actual statistics or updates to previously discredited metrics. AG Barr’s claim that tech companies could develop an encryption backdoor that does not expose users to additional vulnerability is contradicted by encryption and cybersecurity experts across the field, including at OTI, who warn that anyone could take advantage of exploits built into these systems.

The following quote can be attributed to Sharon Bradford Franklin, policy director at OTI:

“The Attorney General is simply rehashing old and discredited arguments in a new effort to build support for mandating encryption backdoors. His claim that ‘talented engineers’ can find ‘technical solutions’ to provide government with access to encrypted communications fails to recognize that the methods he cites would in fact materially weaken digital security, and that encryption protects lives and safeguards us from online harms.”