SAN FRANCISCO — Two former top national-security officials backed Apple's hard line on encryption here at the RSA Conference yesterday (March 3), portraying the company's refusal to help the FBI unlock a dead terrorist's iPhone as patriotic.
"Ubiquitous encryption is something this country needs to have," said Mike McConnell, former director of the National Security Agency and former Director of National Intelligence. "Our leadership position [in the world] will start to slip if we don't embrace this technology and learn how to live with it."
"I view encryption pretty much as a militiaman would have viewed a musket back at the time of the American Revolution," said Michael Chertoff, former Secretary of Homeland Security.
When McConnell was NSA director in the mid-1990s, the agency was pushing the cellphone industry to adopt the Clipper chip, a hardware-based encryption module with a built-in backdoor that would let law-enforcement agencies listen to encrypted voice communications if necessary.
Each phone would have had a Clipper chip with a unique encryption key, and all keys would have been held in escrow and could only have been accessed with a warrant or similar authorization. But the Clipper chip died in the face of strong opposition from both politicians and technology experts.
"You may remember that I once took a position in support of escrow keys," McConnell said. "But since then, I've come to understand that we are digitally dependent. [Dependence on technology is] going to impact human behavior more than we ever could imagine."
The turning point for him, McConnell said, came when he entered the private sector. He joined Booz Allen Hamilton, a major defense and security contractor that handles many of the security needs for the federal government (and for which Edward Snowden also worked).
Most of the government computers McConnell encountered, he said, had been hit by "advanced persistent threats," a euphemism for targeted, skilled attacks or malware funded by a rival nation, often China.
"In my post-government life, we never examined any computer of consequence on which we did not find an APT planted by the Chinese," McConnell said
In his eyes, strong, ubiquitous encryption is the only thing that can stop further such attacks and protect American government and industry.
"Our nation is literally being raped of its intellectual capital by economic espionage," he said. "We have to stop it. That's the higher calling of this [information-security] community, to build that capability."
Because of his experiences, McConnell said, he supports Apple's strident defense of unbreakable encryption — and he dismissed the FBI's assertion that Apple is simply using encryption as a selling point.
"Apple is accused of making a marketing argument," McConnell said. "They're in fact protecting the American manufacturing base."
Chertoff said that he understood the FBI's point of view, but that there were bigger issues involved beyond catching criminals and terrorists.
"We need to acknowledge that the FBI has real reasons to get into the phone," Chertoff said. "But there are two arguments against [what the FBI wants]. One: This would require Apple to create and maintain this code [to defeat iPhone security], which would increase the risks that the code would get out. Also, there's an issue here about using the courts to compel companies to create malware. Those laws ought to be debated by Congress."
McConnell agreed that the debate between law-enforcement and privacy was something that should be handled by Congress, but cautioned that education on the complex topic was needed first.
To that end, he supported the effort by Rep. Michael McCaul, R-Texas, and Sen. Mark Warner, D-Virginia, to create an encryption-advisory commission that would help Congress craft new laws.
"This is worthy of a digital-age Madison-Jefferson-Adams debate," McConnell said. "We have to have that sort of fundamental debate to get this right."