Testimony of Janet Reno
Attorney General
Department of Justice
The House Armed Services Committee
On the Security and Freedom through Encryption (SAFE) Act

July 13, 1999

Mr. Chairman, thank you for the opportunity to testify about the Department of Justice's views on encryption, and particularly the proposed Security and Freedom through Encryption (SAFE) Act, introduced by Mr. Goodlatte as H.R. 850. As you are aware, encryption presents complex and difficult issues that we are attempting to address with our colleagues throughout the Administration. But despite the difficulty of the issues presented, the time has come for government and for our society to take a close look at both the benefits that encryption provides to us and the clear risks that it creates for public safety, and to determine whether and how law enforcement will be able to function effectively as the criminal use of encryption quickly overtakes law enforcement's capacity to address it.

Encryption provides many important benefits to society, and protects the security and the privacy of citizens from intrusions by criminals into their personal documents, files, and communications. Our citizens expect that a ledger book in a person's home or a personal telephone conversation will remain private. Both the Constitution and Congress fully support this expectation of privacy. But both also recognize that the good of society requires narrow exceptions to this normal expectation of privacy. If law enforcement agents follow detailed procedures set forth by Congress and present probable cause to a court, they can be given the authority to obtain the ledger with a search warrant or intercept the telephone call with a wiretap order. The widespread use of encryption, however, will effectively eliminate these exceptions and prevent law enforcement, even with an order obtained from a court under procedures established by Congress, from obtaining information which may be critical to protecting public safety.

Unless Congress recognizes the needs of law enforcement soon, it will become far more difficult for the FBI, DEA, and other federal, state, and local, law enforcement agencies, faced with the rising threat from the criminal use of commercially available encryption, to protect the public from crimes such as terrorism, narcotics trafficking, economic fraud, and child pornography. Simply put, encryption provides a way to scramble information so that the information can only be read by those people who know the secret key needed to unscramble it. And if Congress does not support the Administration's efforts to encourage the development of "recoverable" products, or products that protect law enforcement's ability to obtain the plaintext of messages when faced with criminals using encryption, criminals may be able to act with impunity simply by using commercially available encryption products to scramble their communications and records. The following are only hypothetical scenarios, but could easily become real cases:

The FBI learns that a terrorist group is operating in a major city and may be planning to bomb several buildings and a baseball field within the next 24 hours. As is often necessary when it is investigating organized criminal activity, the FBI must prepare a detailed affidavit setting forth the facts giving probable cause to believe that interception of conversations is necessary and will lead to evidence of this criminal activity, have the request to intercept approved by a person delegated authority by the Attorney General, and then present the application to a federal court even to initiate the tap on the telephone used by the suspected terrorists. Despite following these procedures, and unfortunately for public safety, all that the FBI hears when it taps the terrorists' phone is a meaningless mishmash of sounds, because the terrorist is using a commercially available encryption product. The terrorist could be planning to bomb a site that very day or could be having an innocent conversation - there is no way to tell - and the answer could come too late to save lives.

Here is another example. A local sheriff learns that an individual is abusing children and producing and distributing child pornography. The sheriff then requests and obtains a search warrant from a state court authorizing law enforcement officers to conduct a search for evidence of crime. The officers then go to the suspected pedophile's home, serve him with a copy of the warrant, and begin searching for evidence. They find computers, digital cameras, and children's clothing, but no photographs, videotapes, or written records. Instead, they find that the digital cameras are connected to the computers, which can store digital pictures and movies. They also find that all of the information stored on the computers has been encrypted and is unreadable. Thus, they cannot use this evidence to prove a crime, and cannot use it to identify and rescue children who are currently being abused.

Encryption also assists financial criminals. Many of us use the Internet frequently. We bank online, shop online, and file our taxes online. Encryption helps make all of these transactions more secure, but it can also make crimes far harder to detect. Ask yourself what would happen if a computer hacker were to usurp your identity, or that of one of your constituents. He could withdraw money, order merchandise in the victim's name, and ruin the victim's credit rating. Law enforcement might locate a suspect, present an affidavit to a Magistrate Judge, and obtain a search warrant. But if the computer hacker used encryption, the data stored on his computer, which could be essential in sustaining a successful prosecution or in identifying other victims, will be completely scrambled and impossible to use as evidence, unless we have the ability to decrypt it.

While these are hypothetical cases, the underlying concerns are very real. We have already seen cases where child pornographers have encrypted child pornography, depriving law enforcement of critical evidence, including possibly the ability to identify abused children and get them the help they need. Terrorists are now actually using encryption, which means that in the future we may wiretap a conversation in which the terrorists discuss the location of a bomb soon to go off, but we will be unable to prevent the terrorist act because we cannot understand the conversation. And narcotics traffickers and computer hackers are now using encryption technology, thus defeating efforts to collect evidence. The issue Congress and the Administration must consider is whether law enforcement should have the ability to obtain usable evidence in these and other types of cases, and whether, and if so how, criminals will be caught.

Of course, there are many legitimate reasons to protect information with encryption. Those using cellular phones can protect the privacy of their calls, preventing others from listening in. Information stored on a home or business computer - personal letters, a diary, financial information - can all be protected from computer hackers, because even if a hacker steals information, he will never be able to read it. For these reasons, law enforcement strongly supports the legitimate use of encryption to protect privacy and security, and to support electronic commerce. We must recognize, however, that these beneficial uses do not change the fact that encryption in the hands of criminals is a powerful tool, one that effectively protects criminals from being brought to justice.

It is because of my concern for public safety, and because of my responsibility to bring criminals to justice, that I am deeply concerned about the use of encryption by criminals. But there are solutions. One is for the Administration, Congress and the public to support the use of products which scramble information securely and protect legitimate activities, but provide a way to get the unscrambled criminally-related information if law enforcement has the proper legal authority. For example, some products allow a third party such as a system administrator to provide law enforcement with access to plaintext when law enforcement meets the legal requirements for obtaining that plaintext. Public confidence in such products would be significantly enhanced if there were assurances that such keys would be protected from unauthorized disclosure, as we protect telephone calls and personal records today. This would support both security and privacy, and encourage the use of one type of encryption that addresses the needs of public safety.

We in government must also continue to work cooperatively with industry to find new solutions. Director Freeh, Undersecretary Reinsch, and 1, as well as other members of the Administration, have met personally with CEOs of major companies in the computer and communications industries. These ongoing, productive discussions seek to find creative solutions, in addition to key recovery, to the dual needs for strong encryption to protect privacy and the ability of law enforcement, with appropriate authority, to obtain plaintext to protect public safety and business interests. I would like to emphasize that we have found these discussions productive, and that I believe that industry is genuinely concerned about the risks encryption poses for public safety. However, we must recognize that industry must respond to the market, and that market forces will only take us so far. If we strongly support products which allow law enforcement to obtain plaintext, and build a infrastructure around them, then many criminals will use such encryption because that is what is readily available and easy to use. But some criminals will not use encryption that allows access to plaintext by law enforcement no matter what government does, because, for example, criminals would rather lose data than have it seized by law enforcement. More must be done.

To deal with the threat of dangerous criminals using non-recoverable encryption, law enforcement needs enhanced tools to obtain usable evidence, and the legal authority and practical ability to use those tools, if we are to maintain our current ability to protect public safety. Today, for example, we have the ability to use search warrants and wiretaps with the permission of a court, and under its strict supervision. These tools - wiretaps and search warrants - have proven to be absolutely essential in obtaining evidence and fighting crime. But encryption can turn a warrant or order into a practical nullity. We will obtain only meaningless, encrypted information that cannot be used as evidence. Therefore, in order to maintain our ability to use court-authorized tools, we are enhancing the technical ability of the Federal Bureau of Investigation and other law enforcement entities to obtain the plaintext of encrypted communications and stored data. Essential to preserving our ability to protect public safety is the funding of a centralized technical resource - a "Technical Support Center" - within the FBI. This is an important aspect of our budget proposal for Fiscal Year 2000, and I am asking for support in providing funding for this resource. I believe Director Freeh will address this resource in more detail. This resource, when fully established, will support federal, state, and local law enforcement in developing a broad range of expertise, technologies, tools, and techniques to respond directly to the threat to public safety posed by the widespread use of encryption by criminals and terrorists. We will need Congressional support, both in terms of additional funding and authorizations, for developing and deploying technical capabilities that will allow us to obtain plaintext. The development of such a Center was discussed in meetings last summer among myself, Director Freeh, other law enforcement officials, and important leaders of the computer industry. We have continued to work with industry to develop solutions for protecting public safety in light of the widespread sale of robust encryption.

However, we must recognize that the Technical Support Center does not offer a "silver bullet" - the widespread use of non-recoverable encryption by criminals would quickly overwhelm any possible law enforcement technical response. Since there is no "silver bullet," we must continue to work on many fronts, as I have discussed, to protect public safety.

In light of the above, the proposed Security and Freedom through Encryption Act raises several concerns from the perspective of the Department of Justice. First, we share the deep concern of the National Security Agency that the immediate decontrol of all export controls through the SAFE act is not in the national interest.

The second problem is that the Act may retard the development of products that could assist law enforcement in obtaining access to plaintext. As I explained above, the Administration believes that the development and use of such products are important to protect public safety. Unfortunately, to the extent that the SAFE Act would actually prohibit the government from encouraging development of products that would allow law enforcement to access the plaintext of messages through avenues permitted by law, it places public safety at risk. Instead, any legislation should support public safety, not impair it. The proposed SAFE Act does not include any provisions aimed at improving law enforcement's ability to perform its public safety mission in an encrypted world.

In conclusion, unless Congress recognizes the needs of law enforcement soon, the widespread use of commercially available encryption that does not preserve the ability of law enforcement to obtain the plaintext of messages under appropriate legal authority will soon greatly impair law enforcement's ability to protect public safety. Law enforcement will be unable to execute many search warrants for electronic information, and will be unable to conduct wiretaps in many instances. We will still investigate and prove criminal cases, but when criminals use encryption it will be much harder and we will be less likely to succeed. As a result, criminals will escape justice, and our attempt to make the world a safer place for law-abiding Americans will have failed in part. That, to me, is an unacceptable result, and we must not allow it to happen.