Law enforcement at all levels has the legal authority to intercept and access communications and information pursuant to court orders, but it often lacks the technical ability to carry out those orders because of a fundamental shift in communications services and technologies. This scenario is often called the “Going Dark” problem.
Law enforcement faces two distinct Going Dark challenges. The first concerns real-time court-ordered interception of data in motion, such as phone calls, e-mail, text messages, and chat sessions. The second challenge concerns “data at rest”—court-ordered access to data stored on devices, like e-mail, text messages, photos, and videos. Both real-time communications and stored data are increasingly difficult for law enforcement to obtain with a court order or warrant. This is eroding law enforcement’s ability to quickly obtain valuable information that may be used to identity and save victims, reveal evidence to convict perpetrators, or exonerate the innocent.
Make no mistake, the FBI supports strong encryption, and we know firsthand the damage that can be caused by vulnerable and insecure systems. As such, the Department of Justice, the FBI, and other law enforcement agencies are on the front lines of the fight against cyber crime. The government uses strong encryption to secure its own electronic information, and it encourages the private sector and members of the public to do the same.
However, the challenges faced by law enforcement to lawfully and quickly obtain valuable information are getting worse. The Communications Assistance for Law Enforcement Act (CALEA) was enacted in 1994 and applies only to traditional telecommunications carriers, providers of interconnected voice over internet protocol (VoIP) services, and providers of broadband access services. Currently thousands of companies provide some form of communication service, and most are not required by CALEA to develop lawful intercept capabilities for law enforcement. As a result, many of today’s communication services are developed and deployed without consideration of law enforcement’s lawful intercept and evidence collection needs.
When changes in technology hinder law enforcement’s ability to exercise investigative tools and follow critical leads, we may not be able to root out the child predators hiding in the shadows of the Internet, or find and arrest violent criminals who are targeting our neighborhoods. We may not be able to identify and stop terrorists who are using social media to recruit, plan, and execute an attack in our country. We may not be able to recover critical information from a device that belongs to a victim who cannot provide us with the password, especially when time is of the essence. These are not just theoretical concerns.
We continue to identify individuals who seek to join the ranks of foreign fighters traveling in support of the Islamic State of Iraq and the Levant, commonly known as ISIL, and also homegrown violent extremists who may aspire to attack the United States from within. These threats remain among the highest priorities for the FBI, and the United States government as a whole. We may not be able to identify and stop terrorists who are using social media to recruit, plan, and execute an attack in our country. We may not be able to recover critical information from a device that belongs to a victim who cannot provide us with the password, especially when time is of the essence. These are not just theoretical concerns.
Of course, encryption is not the only technology terrorists and criminals use to further their ends. Terrorist groups, such as ISIL, use the Internet to great effect. With the widespread horizontal distribution of social media, terrorists can spot, assess, recruit, and radicalize vulnerable individuals of all ages in the United States either to travel or to conduct a homeland attack. As a result, foreign terrorist organizations now have direct access into the United States like never before. Some of these conversations occur in publicly accessed social networking sites, but others take place via private messaging platforms. These encrypted direct messaging platforms are tremendously problematic when used by terrorist plotters.
Of the Going Dark problem, Director James Comey has said, “Armed with lawful authority, we increasingly find ourselves simply unable to do that which the courts have authorized us to do, and that is to collect information being transmitted by terrorists, by criminals, by pedophiles, by bad people of all sorts.” And as for a perceived conflict between keeping people safe and protecting their privacy, “it isn’t a question of conflict,” according to Comey. “We must care deeply about protecting liberty through due process of law, while also safeguarding the citizens we serve—in every investigation.”
To help address the challenges posed by advancing communications services and technologies, the Department of Justice’s National Domestic Communications Assistance Center (NDCAC) leverages and shares the law enforcement community’s collective technical knowledge, solutions, and resources. NDCAC also works on behalf of federal, state, local, and tribal law enforcement agencies to strengthen law enforcement’s relationships with the communications industry.
- Congressional testimony of Executive Assistant Director Amy Hess (4/19/16)
- Director Comey’s speech at the Center for the Study of American Democracy’s Biennial Conference, Kenyon College (4/6/16)
- Congressional testimony of Director Comey (3/1/16)
- Director Comey comments on San Bernardino matter (2/21/16)
- Congressional testimony of Director James Comey (7/8/15)
- Congressional testimony of Director James Comey and Deputy Attorney General Sally Quillian Yate (7/8/15)
- Acting Deputy Attorney General Sally Q. Yates’ speech at the Association of State Criminal Investigative Agencies’ Spring Conference (5/4/15)
- Congressional testimony of Executive Assistant Director Amy Hess (4/29/15)
- Director James Comey’s speech at the Brookings Institution (10/16/14)
- National Domestic Communications Assistance Center