Encryption protects our privacy and stops hackers, but it also hides criminals and terrorists. So what should we do?
That was the question the House Energy and Commerce Committee asked the FBI and other law enforcement heads on Tuesday. Apple and other tech insiders also testified in a separate panel before the committee Tuesday about allowing encryption in tech products without hampering law enforcement.
So far, concrete answers have been hard to come by. No simple solution has been proposed, at least not one the government and tech companies can agree on.
"We support strong encryption," said Amy Hess, executive assistant director for science and technology at the FBI. She added that the agency understands the usefulness of encryption, but that companies need to find ways to give investigators user data when a warrant requires it.
Her comments hint at the encryption battle raging between the government and private sector. Tech companies continue to build stronger encryption, which scrambles data so it can be read only by the right person, into their devices and services. The government keeps filing court cases and drafting legislation to make companies break that encryption. The debate reached a crescendo earlier this year when FBI tried to force Apple to help unlock an iPhone 5C tied to December's terrorist attack in San Bernardino, California.
Hess said the FBI already works with a number of companies that keep user data safe from hackers while still complying with court orders. However, she didn't name any companies or describe how they accomplish this.
Asked if the government and private industry have an adversarial relationship, Hess said, "I hope not."
Charles Cohen, commander of the Indiana State Police's Office of Intelligence and Investigative Technologies, was more blunt. He said companies didn't have a problem complying with court orders in the past because they had keys to break their own encryption when given a warrant. That has changed in the past two years with the rollout of default encryption on devices and services that even companies can't break.
"Apple solved a problem that does not exist," said Cohen, adding that default encryption was unnecessary.
During the second half of the hearing, Apple General Counsel Bruce Sewell emphasized how much the company currently helps law enforcement. Citing a recent abduction of a teenage girl, he said the company helped law enforcement track her location so she could be rescued and her kidnapper caught.
But when pressed on whether Apple will help law enforcement solve the encryption conundrum, Sewell said the company had offered to meet so that each side could understand the other's perspective. That was before the US Department of Justice pursued a court order to force Apple to unlock the San Bernardino shooter's iPhone. However, Sewell said, the meeting offer still stands.
"If we can get out of the lawsuit world," he said, "let's start cooperating."
Sewell also insisted that Apple and other technology insiders think law enforcement agencies shouldn't focus only on encrypted phones because the digitally connected world means there's much more information available for investigations now than there ever has been.
"We see the world in a very different way," Sewell said. "We see that there's an abundance of information. This will continue as...an Internet of Things becomes reality."
To which US Rep. Tim Murphy (R-Penn.) replied, "I have no idea what you just said."
reading•Apple, FBI renew encryption debate before Congress
Mar 17•Apple event set for March 27, Microsoft creates new division
Mar 16•Apple event on March 27 to focus on education
Mar 16•Apple imagines a world where you unlock everything with your face
Mar 16•How to listen to TV in a noisy room