Inserting backdoors into encryption software is “not the answer” to battling crime, the former head of MI5 told Business Insider.
Over the last few months, debate has raged between security experts and law enforcement over the correct way to approach encryption — the act of scrambling data or communications in such a way that it cannot be understood without the correct key or password.
Since the Snowden revelations about US mass surveillance, companies like Apple and Google have increasingly introduced strong encryption into their products that even they cannot decrypt under any circumstances. This is much to the chagrin of many in law enforcement, who fear that data is “going dark,” and that they are losing access to vital evidence. But security experts counter that any “backdoors” in software to let law enforcement bypass these security protections would be open to abuse and make users less safe. “You can’t build a backdoor that only the good guys can walk through,” cryptography expert Bruce Schneier says.
James Comey, head of the FBI, has been a vocal critic of encryption, calling for tech companies to give law enforcement “front door” access to encrypted data to help tackle terrorist threats like ISIS. Europol chief Rob Wainwright has called encryption the “perhaps the biggest problem” in tackling terrorism.
David Cameron has previously been critical of encrypted communications, asking in a speech in January whether “we want to allow a means of communication between two people which even in extemis with a signed warrant from the home secretary personally that we cannot read? … My answer to that question is no, we must not.” But after deliberating, the Obama administration has opted not to try to impose limits on encryption, instead opting to “continue the conversations with industry,” Comey told a Congressional committee earlier this month
Business Insider spoke to Lord Evans, the Director-General of British spy agency MI5 between 2005 and 2013, after he gave a speech at the Good Exchange cybersecurity summit in London on Tuesday. He said that encryption technology makes things significantly harder for authorities, and that British spying laws need updating — but that inserting backdoors to allow covert access for law enforcement is “not the answer” because of the risk they could be exploited by others.
Lord Evans has previously called for surveillance laws to be “brought up to date.” In a column written for The Telegraph in January 2015, he said that intelligence agencies’ legal powers “were not designed for the current digital world. Increasing areas of digital communications are beyond the reach of law enforcement and they are being exploited by those who wish us ill and prey on the vulnerable.”
He told Business Insider there is not currently a “satisfactory” answer on how to deal with this.
Former NSA boss Michael Hayden does not support backdoors in encryption, Motherboard reported earlier this month. Discussing failed efforts to curtail encryption in the Nineties, Hayden said: “in retrospect, we mastered the problem we created … We were able to do a whole bunch of other things. Some of the other things were metadata, and bulk collection and so on.”