Feedback
Tech

FBI Director Says Encryption Poses Law Enforcement Challenge

Image: Comey testifies before a Senate Appropriations Subcommittee hearing on the FY2015 budget justification for the FBI, on Capitol Hill in Washington

U.S. Federal Bureau of Investigation (FBI) Director James Comey testifies before a Senate Appropriations Commerce, Justice and Science, and Related Agencies Subcommittee hearing on the FY2015 budget justification for the FBI, on Capitol Hill in Washington March 27, 2014. REUTERS/Jonathan Ernst (UNITED STATES - Tags: POLITICS CRIME LAW BUSINESS) JONATHAN ERNST / Reuters, file

Widespread digital encryption presents a massive challenge to law enforcement, FBI Director James Comey told lawmakers at back-to-back hearings on Wednesday, urging Silicon Valley to come up with a solution.

"Our job is to look at a haystack the size of this country to find needles that are increasingly invisible to us because of end-to-end encryption," Comey told the U.S. Senate Committee on the Judiciary.

The U.S. government has been criticized by privacy advocates and tech firms for requesting a "back door" to access private user data on encrypted systems — a measure that could leave that same technology open to hackers.

When asked at the second of two Capitol Hill hearings on Wednesday how many FBI investigations have been stymied by encrypted messages, Comey said he didn't have a number because officers were hesitant to pursue leads that involved end-to-end encryption.

"It's like proving a negative," Comey said. "When my folks see something that is encrypted, they move on."

Silicon Valley companies have mostly been opposed to giving law enforcement this kind of access. Comey warned that fully encrypted communications — which only allow the sender and recipient of a message to read it — left criminal investigators in the dark.

"People watch TV and think the FBI has a way to break that encryption," Comey said. "We do not."

Kaspersky on the Need for Government Regulation 1:55

Comey and Sally Yates, deputy attorney general for the Department of Justice, both disputed the idea that the government wants a "back door" to encrypted data.

"We're not seeking a front door, back door, or any other kind of door," Yates said in her testimony.

Instead, she said, federal law enforcement wants tech companies to somehow retain data that might be accessed later during investigations.

"Even when we have the authority to search digital communications, we can't get the information that we need," Yates said, arguing that user data is becoming "warrant-proof."

Read More: Intelligence Agencies Go Back to Old-Fashioned Paper After Massive Hacks

As an example of what could be done, Comey pointed to companies that were able to see messages on their servers before those messages reached their destination.

New York District Attorney Cyrus Vance also testified before a Senate committee on Wednesday. He claimed that out of 92 iPhones running iOS 8 —which don't let anyone, even law enforcement, bypass the user pass code — confiscated by the NYPD over a nine-month period, 74 of them were inaccessible to investigators.

In addition to local law enforcement concerns, Comey warned that ISIL members had 21,000 English-language followers on Twitter, some of whom have been prompted to communicate through encrypted messaging platforms.

"This is not your grandfather's al Qaeda," Comey said.

Comey acknowledged the risk that hackers might steal consumer information using access given to the government. He didn't offer any technical solutions, but instead put the responsibility on tech companies to find a way to keep data both secure and available to the government.

"Maybe this is too hard," he said. "But given the stakes, we need to give it a shot."