morning everyone, and -- and thank you for being here this morning,
especially those of you who sat on the tarmac waiting to get into New
York last night through all the heavy weather. And I'd like to -- to thank particularly
Fordham University for hosting this Conference and this opening ceremony. And I would like
to thank the New York division of the FBI for their work in putting on this conference together.
As was said, I'm a New Yorker and it's great to get back to New York.
This is my first trip to New York since becoming Attorney General in the
Trump Administration. In fact, I grew up on the Upper West Side and then when I came
back into New York to work for Verizon, I actually lived right here
And one of my daughters -- my oldest daughter, Mary, went to
School, and then has had a career in the -- in the Department of Justice as a
narcotics prosecutor for the last 14 years.
Now, when I was at Verizon, we were dealing with the issue of new
digital switches being deployed, and wireless switches being deployed,
and the fact that they were not accommodating our law enforcement
needs so that we could continue wire-tapping with these switches. And I
spent a lot of the time when I was at the Department of Justice beating
up on the phone companies. And I want you to know -- I want to give you
an indication of my insights into the technological field and my
ability as a prognosticator in -- in this arena.
I remember distinctly a meeting we had in the Attorney General's
conference room where
Jim Kallstrom, who some of you may know
-- at the time he was Assistant Director and later became Director of
Public Safety in New York. Anyway, Jim was trying to explain to me what
he thought -- or what the FBI was thinking -- the trajectory of the
wireless industry would be.
Now, in those days, you know, our phones,
the wireless phones, were like World War II, you know, field phones, and my
detail carried around one, which rarely had reception. We had no
Internet. I mean this was 28, 29, 30 years ago.
So, in any event, he was showing me these sketches and artist renditions
of what the world would look like, and I vividly remember these little
cartoons of businessmen walking down the street like this with a little
thing...a personal communicator in their hand, and then there were
like these lightning bolts going up to towers, you know, spread out throughout the
city. And I was looking at this, and he was explaining why it was so
important to get access to these new switches. I said, "Jim, that looks
Dick Tracy to me."
In any event, it didn't turn out to be Dick Tracy. But that "insight"
was enough to get me hired as the General Counsel of Verizon. And
I would say over the last 30 years, cyber-related issues, cyber security,
may well be the most significant differences between my
first tenure as Attorney General and -- and this one. And I've spent a significant amount of time,
since February when I took office, trying to get up to speed
on -- on all the developments in this arena. And I've been very
impressed and reassured as I've learned about all the investment
and the effort that makes the FBI a leader in this sphere.
Now, as I already said, as individuals and
-- and as a nation we've become dependent on a vast and
expanding digital infrastructure. That, in turn, has made us vulnerable
to cybercriminals and foreign adversaries that target that
infrastructure. And that danger cannot be overstated.
Cyber security is a national imperative.
Among the most critical advances in
cyber security has been the
development of advanced encryption techniques and their deployment in a
range of important applications. Encryption provides enormous benefits
to society by enabling secure communications, data storage, and online
transactions. Because of advances in encryption, we can now better
protect our personal information, more securely engage in e-commerce and
-- and Internet communications, obtain software updates, and limit
access to sensitive computers, devices, and networks.
As the Federal Government, we welcome these improvements to privacy and
security, and we will work to preserve and strengthen them. But at the same
time, we must recognize that our citizens face an array of threats to
their safety far broader than just cyber threats, as severe as that
threat is. Hackers are the -- are a great danger,
but so are violent criminals, terrorists, drug traffickers, human
traffickers, fraudsters, sexual predators -- you name it. While we should not
hesitate to deploy encryption to protect ourselves from cybercriminals,
this should not be done in a way that eviscerates society's ability to
defend itself against all these other types of criminals. In other words,
making our virtual world more secure should not come at the expense of
making us more vulnerable in the real world. But, unfortunately, this is
where we appear to be heading.
Service providers, device manufacturers, application developers are
developing and deploying encryption that can only be decrypted by the
end user or customer; and they are refusing to provide technology that
allows for lawful access by law enforcement agencies in appropriate
circumstances. As a result, law enforcement agencies are increasingly
prevented from accessing communications in transit, or data stored on
cell phones or computers, even with a warrant based on probable cause to
believe that criminal activity is underway.
Because in the digital age
the bulk of evidence is becoming digital, this form of "warrant proof"
encryption poses a grave threat to public safety by extinguishing the
ability of law enforcement to obtain evidence essential to the detection
and investigation of crimes. It allows criminals to operate with
impunity, hiding their activities under an impenetrable cloak of
secrecy. As you know, some refer to this eclipsing of the Government's
investigative capabilities as "going dark." While encryption protects against
cyberattacks, deploying it in warrant-proof form jeopardizes public
safety more generally. The net effect is to reduce the overall security
I am here today to tell you that, as we use encryption to
improve cyber security, we must also ensure that we retain society's ability
to gain lawful access to data and communications when needed to respond
to criminal activity.
This proposition should not be controversial. It simply reflects the
balance struck in the Constitution itself and maintained since the
The Fourth Amendment strikes a balance between the individual citizen's
interest in conducting certain affairs in private and the general
public's interest in subjecting possible criminal activity to
investigation. It does so, on the one hand, by securing for each
individual a private enclave around his "person, house, papers, and
effects" -- a "zone" bounded by the person's own reasonable
expectations of privacy. So long as the individual acts within this
"zone of privacy," their activities are shielded from unreasonable
On the other hand, the Fourth Amendment
establishes that, under certain circumstances, the public has a
legitimate need to gain access to the individual's zone of privacy in
pursuit of public safety; and it defines the terms under which the
Government may obtain that access. When the Government has probable
cause to believe that evidence of a crime is within an individual's zone
of privacy, the Government is entitled to search [for] and seize the
evidence. And the search usually must be preceded by a judicial
determination that "probable cause" exists and be authorized by a
The key point is that the individual's right to privacy and the public
right of access are two sides of the same coin. The reason we are able
-- The reason we are able,
as part of our basic social compact, to guarantee individuals a certain
zone of privacy is precisely because the public has reserved the right
to access that zone when public safety requires. If the public right
of access is blocked, then these zones of personal privacy are converted
into "law-free zones," insulated from legitimate scrutiny.
Since the Founding, advances in technology have disrupted this balance
in different ways. Sometimes, technology creates new spheres of
that the drafters of the Fourth Amendment could never have envisioned, such as the advent of the telephone. Sometimes,
technology gives law enforcement new means to invade privacy that were
previously unimaginable, such as thermal imaging technology. And sometimes,
technology makes it easier for suspects to -- to evade law enforcement even
when there is a lawful basis to investigate, such as the automobile, or, to
bring us back today's topic, encryption.
With each of these earlier examples, our society has ensured that the
traditional balance between individual privacy and public safety was
maintained. This is reflected in the Supreme Court's jurisprudence.
Katz versus the
United States, the Court held that the Fourth Amendment applied
to the government's bugging of a telephone booth -- even though this technique did
not strictly involve a search of a suspect's person, house, papers, and
Decades later in
Kyllo [v. United States], the Court held
that the Fourth Amendment applied to the use of [a] thermal imaging device
to look inside a home, even though prior doctrine strongly indicated
that government exploitation of light waves emitted from property
was outside the scope of Fourth Amendment protections.
Court's application of Fourth Amendment protections to the attachment of
GPS tracking devices, to cars -- in the United States versus Jones -- had a
similar effect. In each of those cases, the Court protected privacy
against advances in technology. But of course, law enforcement retained
the ability to bug a phone booth, to use thermal imaging, or
to attach a GPS device if it obtained a warrant.
The same script has played out in reverse with the Supreme Court taking
steps to ensure that advances in technology do not unduly tip the scales
against public safety by preventing effective law enforcement. A notable
example is the automobile. If the zone of privacy was extended to the
automobile -- as a type of "personal effect" or akin to a "mobile house" -- then it
would be difficult, if not impossible, for law enforcement to work
within the traditional requirements that police obtain a warrant [from] a
neutral magistrate before conducting a search and seizure. Even when an
officer had probable cause to seize a car or its contents, the
driver could get away long before the officer could get a warrant. This development threatened again to disrupt that
traditional balance between individual privacy and public safety.
So what did we do? In a series of decisions that started with
United States] in 1925, the Supreme Court articulated an exception to the
traditional warrant requirement which allows police to search and seize
a car without a warrant so long as it can later be shown that they had
probable cause to support the investigation. In other words, we did not
make automobiles a law-free zone. We preserved the constitutional balance
by ensuring that law enforcement retained the practical capability to
conduct a search when lawfully predicated.
The point I hope to -- you take away today is that our societal response to
advances in technology that affect the balance between individual
privacy and public safety has always been, and always should be, a
two-way street. When the advances tip the scale too far in favor of
the Government, the response is to expand privacy protections. And when
these advances threaten public safety by thwarting effective
enforcement, the response should be to preserve lawful access.
By enabling dangerous criminals to cloak their communications and
activities behind an essentially impenetrable digital shield, the
deployment of warrant-proof encryption is already imposing huge costs on
society. It seriously degrades the ability of law enforcement to detect
and prevent crime before it occurs. And after crimes are committed, it
is thwarting law enforcement's ability to identify those responsible or to
successfully prosecute the guilty parties. These costs will grow
exponentially as deployment of warrant-proof encryption accelerates and
criminals are emboldened by their ability to evade detection.
At conferences like this, we talk about these costs in abstract terms.
But they are not abstract; they're real. The costs of irresponsible
encryption that blocks legitimate law enforcement access is ultimately
measured in a mounting number of victims -- men, women, and children -- who
are the victims of crimes, crimes that could have been prevented if law
enforcement had been given lawful access to encrypted evidence. Law
enforcement has generally not wanted to get into specifics about these
cases because details can help sophisticated criminals and terrorists
evade detection. But given the frequency with which these situations
are now arising, it is only a matter of time before a sensational case
crystallizes the issue for the public.
Now, FBI Director Wray will be
later in the week at this conference and will address some of the damage
being inflicted on law enforcement by encryption that blocks lawful
access. But for now, I want to make a couple of points about the extent
of the damage.
Like everybody else, criminals of all stripes increasingly rely on
wireless communications, hand-held devices, and the Internet. This is
especially true of larger-scale criminal organizations that need to
coordinate many conspirators across wide geographical areas. Thus, we
have seen transnational drug cartels increasingly move this -- move their
communications onto commercially available encrypted platforms designed
to block lawful access.
One of the many examples is a Mexican cartel that
recently started trafficking large quantities of finished
Asia to Mexico and then into the United States. The cartel started using
WhatsApp as their primary communication method, preventing U.S. law
enforcement from conducting wiretaps that would have enabled us to locate
the fentanyl shipments and seize them at the border. We also found that the
cartel had used WhatsApp for the specific purpose of coordinating the
murders of Mexic[o]-based police officials. The cartel ended up murdering
hundreds of these police officers. Had we been able to gain access to the chat
group on a timely basis, we could have saved these lives.
So the costs of not being able to gain lawful access in this case were
the lives of the assassinated officers, as well as the many lives
impacted by unimpeded entry into the United States of huge amounts
of deadly fentanyl.
This is just one of the countless examples involving the drug war. Indeed,
in my view,
just the damage done by warrant-proof encryption to our ability to
combat drug trafficking is a cost too high for the public to pay. The tsunami of
opioids, cocaine, and methamphetamine that started surging into the
United States from Mexico in the latter years of the Obama
Administration is one of the greatest dangers to the well-being of our
nation that we face today. In a single year, more Americans die from
drug overdoses than we lost in the entire Vietnam War. In addition to
this death toll, hundreds of thousands of lives are destroyed.
majority of drugs are trafficked into the United States by large,
transnational criminal organizations. In past times, when we have had
considerable [success] in combating the cartels like this, the indispensable
tool has been communications intelligence. And it remains the indispensable tool
today. If our law enforcement agencies do not recover the ability to
gain lawful access to encrypted communications and platforms, the
prospect of successfully prosecuting the drug war by traditional law
enforcement means are dim.
Warrant-proof encryption is also seriously impairing our ability to
monitor and combat domestic and foreign terrorists. As with drug
cartels, we are seeing terrorist organizations moving their
communications to encrypted platforms designed to block lawful access.
Even smaller terrorist groups and "lone wolves" have now turned
increasingly to encryption. We are seeing more and more, as we monitor
terrorist communications, suddenly in the middle of the communication
when they get into sensitive areas they switch to an encrypted app, a
commercially available encrypted app -- in the middle of the
conversation, frequently where they are discussing deadly operations.
2015 terrorist attack in Garland, Texas
still rankles. There, two Islamist extremists carried out an attack for
which ISIS claimed responsibility. On the morning of the attack, one of
the terrorists exchanged approximately 100 instant messages with an
overseas terrorist using an encrypted app. To this date, the
FBI has still not been able to determine the contents of these messages.
The deployment of warrant-proof encryption is seriously diminishing the
communications intelligence we are able to collect against foreign and
Due to the very nature of terrorism, where each actor seeks to inflict
high casualties, encryption that allows terrorists to operate beyond
the reach of lawful surveillance poses an unacceptable risk to the
One further point about the costs imposed on society by warrant-proof
encryption. It is not only about the crimes that we are unable to detect
avoid, or the criminals that escape punishment. Converting the
Internet and communications platforms into a "law-free" zone, and thus
giving criminals the means to operate free of lawful scrutiny, will
inevitably propel an expansion of criminal activity. If you remove any
possibility that the cops are going to be watching a neighborhood, the
criminals already in the neighborhood are going to commit a lot more crimes.
The "going dark" problem is not limited to terrorism or drug cartel
cases. While those cases are vitally important, it is also important
that law enforcement at the federal, state, and local level, who must retain the
ability to investigate and prosecute the full spectrum of crimes that
plague our society. We are aware, for example, that a large, violent gang is
using encrypted apps to "green light" assassinations, and yet, because
we cannot access the messages, we cannot prevent the murders. We also
know that human traffickers and pedophiles use the Internet to
facilitate their crimes, and yet encryption is already impairing our visibility
into some of these activities. With growing -- With the growing availability of
commoditized encryption, it is becoming easier for the most common criminal to
communicate beyond the reach of traditional surveillance. And this problem
is becoming especially acute for our state and local partners, who lack
the resources of the federal government, and the ability to
investigate and prosecute crimes is being seriously impaired.
Now, the Department has made clear what we are seeking. We believe that when
technology provides -- providers deploy encryption in their products, services, and
platforms, they need to maintain an appropriate mechanism for lawful
access. This means a way for government entities, when -- when they have
appropriate legal authority, to access data securely, promptly, and in
an intelligible form, whether it is stored on the device or in
transmission. We do not seek to prescribe any particular solution. Our
private-sector technology providers have immensely talented engineers
who have built the very products and services that we're talking about.
They are in the best position to determine what methods of lawful access
work best with their technology. But there has been enough dogmatic
pronouncements that lawful access simply cannot be done. It can be, and
it must be.
We are confident that there are technical solutions that will allow
lawful access to encrypted data and communications by law enforcement
without materially weakening the security provided by encryption. Such
encryption regimes already exist. For example, providers design their
products to allow access for software updates using centrally managed
security keys. We know of no instance where encryption has been defeated
by compromise of those provider-maintained keys. Providers have been
able to protect them.
We think our tech sector has the ingenuity to develop effective ways to
provide secure encryption while also providing secure legal access. Some
good minds have already started to focus on this, and some promising
ideas are emerging. Our
colleagues at the United Kingdom's GCHQ have proposed "Virtual
Alligator Clips" which allow a provider to respond to a warrant by
adding a silent law enforcement recipient to an otherwise secure chat.
Ray Ozzie has tabled
a proposal for "Exceptional Access Keys" for
locked, encrypted phones so that they can be unlocked pursuant to a warrant.
Matt Tait has proposed
Layered Cryptographic Envelopes to allow lawful
access to encrypted data-at-rest on disks or other storage devices. I am
sure that the putative shortcomings of these ideas have been identified,
which hopefully will spur further refinements and alternative proposals.
And through this dialectic we can identify
a workable solution. I'm not endorsing any particular solution. And we
will likely need different approaches for communications and data in
transit. But I am suggesting that it is well past time for some in the
tech community to abandon the posture that a technical solution is not
worth exploring and instead turn their considerable talent to developing
products that will reconcile good cyber security to the imperative of
public safety and national security. As Microsoft's Bill Gates
has observed, "There's no question of
ability; [it's a] question of willingness."
Some object that requiring providers to design their products to allow
for lawful access is incompatible with some companies' "business
models." But what is the business's objective? What is their model? Is it "A" --
to sell encryption that provides the best protection against
unauthorized intrusion by bad actors? Or is it "B" -- to sell encryption
that assures that law enforcement will not be able to gain lawful
access? I hope we can all agree that if the aim is explicitly "B" -- that
is, if the purpose is to block lawful access by law enforcement, whether
or not this is necessary to achieve the best protection for bad
actors -- then that is a business model that from society's standpoint is
illegitimate, and so is any demand for that product. The product
jeopardizes the public's safety, with no countervailing utility. Few
companies would say that this is their objective.
On the other hand, it is contended that achieving
"B" (the blocking of
lawful access) is essential to achieving "A" (giving the best protection
to [against] bad actors). So, providing for lawful access is collateral
damage to the overarching objective of the best protection against bad
actors. The argument is that a business is thwarted
in its purpose of offering the best possible product unless
it can override society's interest in retaining lawful access.
hold this view dogmatically, claiming that it is technologically
impossible to provide lawful access without weakening security against
unlawful access. But, in the world of cyber security, we do not deal in
absolute guarantees but in relative risks. All systems fall short of
optimality and have some residual risk of vulnerability -- a point which
the tech community acknowledges when they are proposing that law enforcement
can satisfy its requirements by hacking into the vulnerabilities of their
current products. The real question is whether the residual risk of
vulnerability, which results from incorporating a lawful access mechanism, is
materially greater than those already in the unmodified product. And the
Department does not believe that this has been demonstrated.
Moreover, even if there was, in theory, a slight risk differential, its
significance could not be judged solely by the fact that it falls short of
some theoretical optimality. Particularly with respect to encryption marketed
to consumers, the significance of the risk should be assessed based on
the practical effect on consumer cyber security, as well as its relation
to the net risks that offering the product poses to society. After all,
we're not talking about protecting the nation's nuclear codes here.
We -- Nor are we necessarily talking about the customized encryption used by
large business enterprises to protect their operations. We are talking
about consumer products and services such as messaging, smart phones,
e-mail, and voice and data applications.
If one already has an effective
level of security -- say, by way of illustration, one that protects
against 99 percent of foreseeable threats -- is it reasonable to incur
massive further costs to move slightly closer to some theoretical optimality and
-- and attain, say, 99.5 percent level of protection, especially when the risk being addressed
at that point is
highly remote? Here, a company would not invest its own money to -- to
gain that kind of incremental benefit. And society should not be asked
to pay that cost to accomplish the same purpose.
Now, some argue the best way to achieve
this slight incremental
improvement is worth the cost of imposing those costs on society
in the form of degraded public safety. I think this is untenable -- again using a
crude illustration, if the choice is between a world where we can
achieve a 99 percent assurance against cyber threats to consumers, while
still providing law enforcement 80 percent of the access that it
requires -- that's one world -- or a world where we have boosted our
cyber security to 99.5 percent
for consumers but
at a cost of reducing law enforcement's access to zero percent -- the choice
for society should be clear.
Some who resist lawful access complain it places an unreasonable burden
on companies, who must spend time and resources on developing and
implementing a compliance mechanism. To that I say, "That's
part of being part of civil society." We regularly expect -- and often mandate if necessary --
that our companies take steps to ensure that their products and services
do not impose negative externalities on the public. If my business plan
is to sell sawed-off shotguns, that's tough. We, as a community, have
the right to say, "No, we don't care if that's your business plan. The
barrel has to be this long." Sometimes,
this requires prohibiting certain products altogether; and other times it
requires modification of products so that they are compatible with the public
Further, the burden is not as onerous as some make it out to be. I
served -- as it was said here -- for many years as the general counsel of a
telecommunications company (GTE and then Verizon). And during my tenure, we dealt with these issues
and lived through the passage of CALEA -- the
Communications Assistance [for] Law Enforcement Act.
Now, the debate we were having -- that I mentioned at the beginning of
my speech about companies mak[ing] their switches, their new switches
available to us in a way that allowed us to conduct the normal
Title III interceptions that we had
traditionally performed. And that Act imposes a
statutory duty on telecommunications carriers to maintain the capability
to provide lawful access to communications over their facilities.
And that has gradually been extended to cable companies, and
even to Voice Over Internet Protocol [VoIP]
Companies bear the cost of compliance but
they have flexibility in how
to achieve it; and the system has by and large worked. It is absurd to
think that we would preserve lawful access by mandating that physical
telecommunications facilities be accessible to law enforcement for the
purpose of obtaining content, while allowing tech providers to block law
enforcement from attaining that very content.
The United States is not alone in -- in addressing this issue. In fact, many
of our international partners, such as the UK and Australia, are already
moving on a statutory framework to address it. American companies have an opportunity to
advance their interests by setting industry standards now that can
influence the conversation here and worldwide in years to come. Obviously, the Department would like to engage with the private sector
in exploring solutions that will provide lawful access. While we remain
open to cooperative approaches, the time to achieve them may be limited.
Key countries, as I said, including some of our most important allies, have been moving toward
legislative and regulatory solutions.
I think it is prudent to
anticipate that a major incident may well occur at any time that will
galvanize public opinion on these issues.
Whether we end up with
legislation or not, the best course, I think, is for everyone involved to work
soberly and in good faith together to craft an appropriate solution,
rather than have outcomes dictated during a crisis. As this debate has
dragged on, and the deployment of warrant-proof encryption has accelerated,
our ability to protect the public from criminal and national security threats is rapidly
deteriorating. The status quo is exceptionally dangerous. It is unacceptable,
and only getting worse. The rest of the world has woken up to this
It is time for the United States to stop debating whether to
address it, and start talking about how to address it.
Thank you very much.