Law enforcement officials are renewing their long-standing calls, in the wake of deadly terrorist attacks in Paris, for limits on encryption technology that can prevent the government from spying on phone and email conversations.
Though U.S. Attorney General Loretta Lynch declined to say Monday whether the suspects in Friday’s attacks on the French capital may have used encrypted communications to hide their plans from authorities, there is already widespread speculation that the Islamist attackers used such technology to keep their plan a secret.
“There has been a significant increase in the operational security of a number of these operatives and terrorist networks as they have gone to school on what it is they need to do to keep their activities concealed from the authorities,” CIA Director John O. Brennan told a Center for Strategic and International Studies audience Monday.
“In the past several years, because of the number of unauthorized disclosures and a lot of hand-wringing over the government’s role in the effort to try to uncover these terrorists, there have been some policy and legal and other actions taken that make our ability to collectively find these terrorists much more challenging,” he said in an apparent reference to Edward Snowden’s leaks about the NSA’s spying programs.
New York Police Department Commissioner William Bratton similarly criticized the way that technology enabled with encryption capabilities has left law enforcement “blind.”
Encryption scrambles communications so that it is impossible to read the messages without a key, and it poses a potential problem for investigators as they ramp up surveillance of suspected Islamic State-inspired operatives in the U.S. to thwart any potential copycat attacks.
“It’s a huge problem for the FBI right now — the going dark phenomenon,” said retired FBI supervisor Nancy Savage, who serves as executive director of the Society of Former Special Agents of the FBI. “The FBI and other agencies cannot get all the communication traffic even with appropriate legal documents requesting it.”
Even if the Paris attackers did not use encrypted technology to “go dark,” Ms. Savage said, it is likely just a matter of time before there is an incident in which a terrorist plan that could have been thwarted instead goes undetected with the help of encryption.
“We’ve had that information before and it’s been vital, and now it’s becoming spotty,” she said.
Privacy advocates fought back against the characterization that encryption was to blame for the attacks or that dismantling such technology was in the public interest.
“These heinous attacks must not be used to justify further erosion of our security, civil liberties or privacy,” said Cindy Cohn, executive director of the Electronic Frontier Foundation. “At this point, there is no confirmation that end-to-end encryption was used by the attackers, much less that the use of that encryption is what led the world’s intelligence services to fail to detect the plot before the tragedy.”
The FBI has open more than 900 probes on suspected Islamic State operatives and other homegrown violent extremists in the U.S., and The Heritage Foundation counts 74 Islamist terrorist plots that are publicly known to have been disrupted in the U.S. since the Sept. 11 attacks.
As investigators of the Paris attacks work to track down those involved, analysts say, they are focusing heavily on any communications with the seven dead attackers — including through text messages, phone calls and online chat rooms. With encrypted communication posing a potential hurdle for investigators, there may be a global push to bring into police custody anyone with possible connections to Islamic State groups.
Additional arrests made in Belgium and France in the days since the deadly attacks are likely part of the effort to locate known contacts in order to disrupt any further plots, said former FBI agent and counterterrorism specialist James Conway.
“That’s all part of what people are doing behind the scenes in terms of identifying the bad guys and going through their telephone calls, their personal associations,” Mr. Conway said. “It is important for the intelligence community to connect the dots.”
“If operators in ISIS are talking to people in the 202 area code, we should know that,” he said, referencing the area code for Washington, D.C., which was the subject of a threat made in a video released online Monday.
Encryption does not appear to have posed a problem in disrupting 11 known terror plots in the U.S. this year, said David Inserra, a homeland security and cyberpolicy analyst with The Heritage Foundation.
In those cases, investigators have frequently launched probes after finding messages posted online through social media that describe the desire to be involved in bombings or other types of attacks. From there, investigators may introduce a confidential informant or an undercover agent to further vet the suspect’s intentions, Mr. Inserra said.
Mr. Conway said the U.S. could develop more robust strategies to pursue suspected terrorists if encryption becomes a problem in investigations, but that most in the intelligence community would rather see backdoors developed to allow law enforcement access to the devices that suspects are using.
“If it goes dark and we lose the capability to collect and conduct electronic surveillance, the world is not going to be a safe place,” he said.
• Andrea Noble can be reached at anoble@washingtontimes.com.
Please read our comment policy before commenting.