Paris terror attacks

Security agencies face encryption nightmare

CIA Director John Brennan speaking at the Centre for Strategic and International Studies in Washington, DC, on Nov 16.
CIA Director John Brennan speaking at the Centre for Strategic and International Studies in Washington, DC, on Nov 16.PHOTO: AFP

WASHINGTON • The deadly Paris attacks have reignited debate on encrypted communications by terror cells and whether law enforcement and intelligence services are "going dark" in the face of new technologies.

The exact means of communication in Friday's strikes were not immediately clear, but US administration officials have said in interviews that the Islamic State in Iraq and Syria (ISIS) has used a range of encryption technologies over the past 11/2 years, many of which defy cracking by the National Security Agency (NSA).

Central Intelligence Agency director John Brennan and other top US national security officials stopped short of calling for new restrictions on Monday, but said terrorism suspects are using technologies to hide their planning and operations from law enforcement and intelligence agencies.

"There are a lot of technological capabilities that are available right now that make it exceptionally difficult - both technically as well as legally - for intelligence security services to have insight that they need," Mr Brennan said at a Washington event.

New York City police commissioner William Bratton echoed those concerns, saying his department is often frustrated by encryption that provides only the users with keys to unlock data.

"We're encountering that all the time," Mr Bratton told broadcaster MSNBC on Monday. "We have a huge operation in New York City working closely with the Joint Terrorism Task Force and we encounter that frequently. We are monitoring (suspects) and they go dark. They are going onto an encrypted app, they are going onto sites that we cannot access. The technology has been purposely designed by our manufacturers so that even they cannot get into their own devices."

"They (the manufacturers) need to work with us right now," Mr Bratton said. "In many respects, they're working against us."

So far, the major US technology companies have spurned appeals from officials to enable access for key investigations and have stepped up encryption efforts following the 2013 leaks about vast surveillance capabilities of the NSA. Only weeks ago, the matter appeared settled, at least temporarily, with a decision by President Barack Obama that it would be fruitless for the government to try to compel the technology companies to provide the keys to protected conversations and data.

But in the light of the bloodletting in France, the debate may change, observers say.

"Evidence that terrorists were, in fact, using strong end-to-end encryption to kill people could be game-changing in a debate that has heretofore been defined by anxieties about NSA," said Mr Benjamin Wittes, a Brookings Institution fellow who edits the blog Lawfare.


A version of this article appeared in the print edition of The Straits Times on November 18, 2015, with the headline 'Security agencies face encryption nightmare'. Print Edition | Subscribe