ACLU urges Congress to thwart spies by embracing encryption

Digital encryption enables whistleblowers, terrorists and everyone in between to communicate securely and without leaving much of a trace. Now with national security potentially on the line, privacy advocates are imploring lawmakers in Congress to embrace encryption as well.

In a letter to the U.S. Capitol sent Tuesday by the American Civil Liberties Union, privacy advocates warn that the risks of not protecting the communications of congressmen are becoming increasingly significant.

The data breach suffered by the Office of Personnel Management this year is only one of the latest examples to indicate that government-held data is anything but inaccessible to hackers.

Yet as lawmakers continue to weigh crucial matters amid an environment rife with technological insecurities, the ACLU cautioned in its letter that allowing lawmakers to communicate in the clear gives a leg up to eavesdroppers, including foreign intelligence services and tech-savvy criminals alike.

“Ensuring the security of Congressional communications against all interception — whether by foreign governments, criminals or even other branches of the U.S. government or rogue Congressional staffers — would promote both basic liberty interests and national security. Accordingly, we urge you to ensure that members of Congress and staff have the tools and training necessary to protect their communication,” the ACLU wrote in a letter addressed to the sergeants of arms for both the House and Senate.

“As more government communications flow through unencrypted and insecure networks, the threat from foreign and domestic interception alike grows apace. Congress could take easy and cheap steps today to ameliorate that threat,” the letter reads.

Specifically, the ACLU said that lawmakers should consider using mobile apps that are easy to install on Apple and Android smartphones, including programs like Signal and WhatsApp, in order to encrypt government business that might otherwise be intercepted.

The ACLU’s advice comes in the wake of arguments from federal investigators who say that increasingly strong and ubiquitous encryption is hindering the ability of law enforcement and the intelligence community to make sense of digital evidence, be it from a suspected kidnapper’s phone or the email account of radical extremists.

Kiran Raj, senior counsel to the Justice Department’s deputy attorney general, told attendees at an event in Washington on Monday that Apple’s decision last year to enable encryption by default for the iPhone had spawned a “proliferation” of warrant-proof devices.

“There are billions of messages a day that get transmitted that are effectively warrant-proof. There’s millions and millions of devices out there that come out of the box effectively warrant-proof,” Mr. Raj said.

Indeed, the ACLU said in its letter that lawmakers must have the proper tools to ensure they similarly are communicating in a matter that can’t be intercepted.

And well before the OPM breach caused the unsecured data of millions of federal workers to fall into the hands of hackers, the CIA’s spying on Senate staffers involved in drafting last year’s long-awaited torture report suggests the duties of elected politicians aren’t safe from prying eyes within their own government.

“Congress must be able to conduct its business in a secure fashion in the knowledge that communications — with constituents, other branches of government, the media and among staff — are themselves secure. The OPM hack, and the experience of the Senate intelligence committee with the CIA’s facilities, lay bare the need to better protect Congress’s oversight function by guaranteeing the integrity of its communications,” the ACLU said.