Uncle Sam’s Right to Know

A long time desire and goal of the telecommunications, Internet and mega-data storage high-tech “industry” – ostensibly in the name of privacy – is to have the marketable ability to store, but simply not be able to retrieve, the encrypted data of its paying customers.

And the idea has recently gotten new life: According to a recent CQ Weekly story by Rob Margetta:

FBI Director James B. Comey went on the record last month as an opponent of Apple and Google’s decision to encrypt cell phone data in a way that it can’t be accessed by law enforcement, and [White House cybersecurity czar] Michael Daniel said that he’s not a fan of such action either.

Although Daniel didn’t go as far as Comey, who told reporters the phone designers were holding themselves and their customers “beyond the law,” the cybersecurity czar said that encryption should be done in a way that agencies can obtain information in a court-approved process.

“Even things that are in safes can be accessed with a warrant,” Daniel said. “We don’t want to have something utterly beyond the reach of law enforcement.”

The first time I encountered these industry arguments was in the late 1990s when I was general counsel for the U.S. Senate Select Committee on Intelligence. And, when I heard the idea fully explained, I suspected that the information industry was not concerned about privacy but instead profits. I still do.

Nevertheless, the idea has broad appeal to some privacy advocates, and could also gain political favor, especially from those who don’t think too deeply about the implications of the concept.

Technically, such a capability is not all that difficult – however, the policy and legal aspects of such technologies are the most perplexing. To begin with, do we have the right to keep any information we choose private from everybody, including the government? If we do, then the technologies – and private companies that implemented this principle – would simply be an exercise of that right. However, we don’t have and never have had, even in our unique democratic society, that broad and unconditional right of privacy. Nevertheless, we sometimes forget this, especially in today’s information-focused age with its heightened awareness of individual privacy.

Ironically perhaps, but especially in discussions such as these, I’m always reminded of the wisdom of my late mother: One day she and I were watching a report on privacy and so-called government snooping. And my mom said, “I don’t think the government should be listening to anyone’s telephone conversations.” I responded, “OK, mom, but what about terrorists, spies and kidnappers?” She thought about it for a second and said, “Well, those kind of people … for sure.” Sounds like my mom and the FBI director, who also was the former deputy attorney general in the George W. Bush administration, are in basic agreement on this issue – as I’m sure most thoughtful people would be.

In fact, as CQ Roll Call’s Margetta reported last week:

Comey on Thursday criticized the default encryption standards Apple and Google are building into their phone, tablet and computer systems and suggested that the government should force companies to adopt a single encryption standard that law enforcement can access.

The country needs “a regulatory or legislative fix to create a level playing field, so that all communication service providers are held to the same standard, and so that those of us in law enforcement, national security and public safety can continue to do the job you have entrusted us to do, in the way you would want us to,” Comey said during a forum at the Brookings Institution.

And, at this point in the discussion, the issue shifts to a much more traditional one: That is, the reasonableness – lawyers would say “the constitutionality” – of the government’s need to look at someone’s personal data of most any kind. And also, of course, this puts us right back into the current debate about telephone “metadata” and some of the other programs run by the National Security Agency, FBI and state and local law enforcement agencies, especially in the context of the “war on terror.” In this respect, most of us also understand – like my mom did – that going after terrorists, spies and criminals is and has always been a legitimate and necessary function of government, an exercise of its responsibility for our collective public safety and national security.

The extent to which we authorize (or allow it to happen) usually is in direct relationship to the threats we perceive; so, right after 9/11, for example, several programs were authorized by the president and later by Congress that have recently been brought into question. Did we “overreact” because of 9/11? Maybe it looks that way to some, especially in hindsight – but hindsight is always 20-20. Furthermore, very few of us were concerned about the privacy of the bad guys – or anyone who knew them or who had ever talked to them – as the World Trade Center fell down, the Pentagon burned and the heroic passengers gave their lives to keep the fourth hijacked airplane from hitting the Capitol or the White House.

The lesson? Privacy and security are, at least over the longer run, always a delicate balance, and the scale tips back and forth in relation to how our elected leaders perceive the various threats against us. Is it, or will it ever be in perfect balance? Probably not, but most all of us would like to have it there.

 

This article appeared in the U.S. News & World Report at

http://www.usnews.com/opinion/blogs/world-report/2014/10/20/you-have-no-absolute-right-to-privacy-including-in-your-data-encryption?int=a7bd09

Partner & Fellow Blogs