As I sat there in the awkward silence, I mused over the key escrow debate. Key escrow is a procedure whereby part or all of a key is made available to a third party so that it can be recovered without the direct consent of the owner. The FBI would like to be able to use search warrants to access cryptographic keys used by private citizens. The FBI would like all domestic users of cryptography to place their keys in escrow. With the US government acting as the escrow agent, the FBI can gain access to these keys when the courts deem it appropriate.
Not long ago, the director of the FBI, Frank S. Samuelson, had gone before Congress to argue in favor of key escrow. A colleague had sent me a transcript of the opening remarks prepared by Samuelson. Among other things, he had said:
In a very fundamental way, conventional encryption has the effect of upsetting the delicate legal balance of the Fourth Amendment, since when a judge issues a search warrant it will be of no practical value when this type of encryption is encountered. Constitutionally-effective search and seizure law assumes, and the American public fully expects, that with warrant in hand law enforcement officers will be able to quickly act upon seized materials to solve and prevent crimes, and that prosecutors will be able to put understandable evidence before a jury. Conventional encryption virtually destroys this centuries old legal principle.
The references to a centuries old legal principle and to the upsetting of a delicate legal balance irked me most when I read this. What Samuelson fails to note anywhere in his speech is that the delicate balance to which he refers is so very delicate that it has swayed back and forth numerous times throughout the history of civilization. The latest swing is but the most recent fluctuation of many. There is no more reason to be alarmed with the current change than with any other shift.
Yes, as Samuelson says, the law and the public expect law enforcement to present any evidence that is obtainable (after getting a search warrant). I agree. Unfortunately for the Jonny, Agnes, and their associates, the content of recorded communications may no longer be obtained as easily as it once was. So be it; if the information is not obtainable, then neither the law nor the public expects law enforcement to be able to present it as evidence.
Surely nobody, including Samuelson, thinks that law enforcement should present as evidence the private musings of a suspected criminal. Such information is unobtainable, as everybody is well aware. Nobody expects the FBI to be mind readers. The FBI is expected only to present obtainable information.
If the FBI seizes my sneakers, they would be expected to attempt to learn as much as possible about them — e.g. the manufacturer — but if they are unable to determine where I was walking a year ago, even after careful examination of my sneakers by forensics experts, then does this mean that we must feel obligated to impose social constraints that make such information apparent from my sneakers? The suggestion seems ludicrous. Yet the only difference between the sneaker example and key escrow is that sneakers are common-place and well-understood. Cryptography is still new and unfamiliar to most people.
Nobody at the FBI complained when advances in technology opened up entirely new sources of evidence. Wire-tapping and electronic listening devices (bugs) are but two modern examples of technology that lend more power, not less, to a search warrant. It is now commonplace for whispered conversations, well out of ear-shot of the closest human being, to be obtainable by law enforcement. If Samuelson is going to appeal to the “centuries old legal principle” of search and seizure, then he must concede that the “delicate balance” has long since been destroyed. Encryption does not “virtually destroy” a centuries old legal principle, it merely sets it back closer to where it was a scant forty years ago, to a time when electronic surveillance was not practical.
I say let the FBI use wire-taps to collect any information they can (when they have a search warrant). There is no need to be alarmist about this. Should we ban water sprinklers and stereos? After all, people often use both of these devices to drown out personal conversations when they suspect they are being bugged. Do stereos represent a threat to American public safety? Of course not. To put the whole key escrow debate in context, one should keep two thoughts in mind:
- modern encryption takes away two search and surveillance tools — wire-tapping and access to computer files;
- both of these tools are themselves only recent developments.
It is hard to believe that a temporary setback, one that cancels some of the advantages brought about by other recent developments, will wreck havoc on our way of life. Has wire-tapping become such an integral part of American public safety in the few decades it has been feasible that any reduction in its effectiveness represents a potential collapse of society? To answer in the affirmative seems far-fetched, especially in light of other recent advances in forensics (e.g. DNA evidence, high-resolution satellite images).
Methinks Samuelson exaggerates the threat to national security and public safety. More likely he is fiercely guarding an advantage attained about forty years ago by law enforcement — an advantage he should have realized was undoubtedly only a temporary fluctuation in the periodic ebbing and flooding of the tide that is the game of cops and robbers.
Granted, when the beneficial uses of a new technology have been limited, and the detrimental uses apparent, our society has a history of restricting use. Guns must be registered, for example. Some narcotics are banned. But cryptography is different in that the primary use is beneficial — protecting the privacy and integrity of remote communications. Banning or otherwise restricting cryptography is closer to banning automobiles than it is to banning firearms. Jonny’s analogy was a good one, but I would take it a step further and draw a parallel between key escrow and a requirement that all cars have built-in rev-limiters to slow them down to less than 50 mph… except for police cars which would be capable of 80 mph so that law enforcement officers can chase and catch suspected criminals. This speed advantage would enable police to “quickly act upon obtained information to solve a case,” as Samuelson claims the American public demands.