Two Of The Most Ridiculous Statements From Senators At Yesterday's Encryption Hearings
from the these-people-are-in-charge? dept
We already wrote a bit about the two Senate hearings that FBI Director James Comey participated in yesterday, concerning his alleged desire to have a “discussion” about the appropriateness of backdooring encryption. The phrase tossed around at the hearings was about the FBI’s fear of “going dark” in trying to track down all sorts of hypothetical bad guys (and it always was hypothetical, since no actual examples were given). However, not all of the crazy statements came from Comey. There was plenty of nuttiness from Senators as well. It is, of course, difficult to pick out the most ridiculous, so here are two that stood out to me, personally. And, to avoid any charges of bias, I’ll include one from each hearing and one from a Democrat and one from a Republican.
Let’s start with the first hearing, the one before the Senate Judiciary Committee, where Senator Sheldon Whitehouse decides to add his bizarrely ignorant statements (starting around 1 hour, 18 minutes into the recording). Whitehouse starts out with a hypothetical (again!) story of a girl being kidnapped outside of her home (“taken into a van”), but having her phone left inside. He claims that in the past, law enforcement could get a warrant for the phone “to help locate the girl.” And now “they cannot do that.” This hypothetical makes no sense for a variety of reasons. First, the number of actual abductions like that is pretty rare. But, more importantly, if the phone is at home then it’s not exactly going to help law enforcement locate her any more. He’s mixing up a variety of different things involving location versus stored data encryption. It’s just a scare story that has little to do with the issue of stored data encryption, which is what the hearing is supposed to be about.
But, from there, he goes on to make an even more bizarre statement, claiming that companies pushing encryption are doing so solely for their own corporate benefit, creating harm for the public. In fact, he compares encryption to pollution, and then argues that there could be civil liability because encrypted phones make it difficult to find hypothetical kidnapped girls:
It strikes me that one of the balances that we have in these circumstances, where a company may wish to privatize value — by saying “gosh, we’re secure now, we got a really good product, you’re gonna love it” — that’s to their benefit. But for the family of the girl that disappeared in the van, that’s a pretty big cost. And, when we see corporations privatizing value and socializing costs, so that other people have to bear the cost, one of the ways that we get back to that and try to put some balance into it, is through the civil courts. Through the liability system. If you’re a polluter and you’re dumping poisonous waste into the water rather than treating it properly somebody downstream can bring an action and can get damages for the harm they sustained, can get an order telling you to knock it off.
This appears to be a thing that Senator Sheldon Whitehouse does. He makes up ridiculous hypotheticals of situations that aren’t happening and then jumps to flat out wrong arguments based on those hypotheticals.
Here, he’s just wrong that companies employing encryption are “privatizing value and socializing costs.” In fact, as many, many, many people will argue, companies that are putting in place end-to-end encryption actually can make it more difficult for them to make money, since they close off avenues such as targeted advertising, since they lose access to the information being transmitted. But, even more to the point, this entire argument is based on the simply wrong (and completely ignorant) argument that the there’s a “cost” to the public of greater encryption. That’s not just wrong, it’s so wrong as it should call into question the career choices of whatever clueless staffer fed that line to Senator Whitehouse. The whole crux of the argument, as has been explained over and over again, is that greater encryption better protects the public from cyberattacks, from those seeking to violate their privacy and from other potential malicious actors.
In other words, the actual scenario that Whitehouse should be concerned about is not the mythical girl being abducted into a van (again, a scenario that rarely happens), but the malicious online actors who are seeking to break into the girl’s bank account or other online accounts in order to cause all sorts of actual problems for her in real life. That’s the much more likely threat, and it’s the one that strong encryption helps protect. The whole idea that strong encryption is the equivalent of pollution is hilariously wrong. Pollution is a negative externality. But strong encryption is not a negative externality. It better protects the public. It’s a public benefit.
Senator Whitehouse’s argument is based on a near total misunderstanding of what encryption does and how it protects people, and is devoid of any understanding of actual threats that people face in the world — both the low likelihood of random abduction and the high likelihood of having your online accounts under attack. It’s so far from reality that it feels like Senator Whitehouse ought to issue an apology.
On to the second hearing before the Intelligence Committee. In this case, the Senator we’ll pick on is Senator John McCain. His part starts a little after the 1 hour and 15 minute mark into that video. And he’s focused on the worst kind of political grandstanding, hyping up FUD around ISIS, followed by a “but we must do something!” argument that ignores the simple fact that the plan he supports actually makes the problem worse, not better. As you’ll see, Senator McCain doesn’t care about that. He just wants something done. This one involves some back and forth with Comey, starting with the scare stories to start things out:
McCain: Is it true that, you have stated on several occasions, that ISIS poses over time a direct threat to the United States of America?
Comey: Yes.
McCain: And that is the case today?
Comey:: Yes. Everyday they’re trying to motivate people here to kill people on their behalf.
McCain: And every day that they take advantage of this use of the internet, which you have described by going to unbreakable methods of communicating, the more people are recruited and motivated to, here in the United States and other countries to attack the United States of America. Is that true.
Comey: Yes sir.
Okay, let’s just cut in here first of all to note that it’s not actually true. I mean, it’s possible that this is happening, but there still has yet to be a single credible story about ISIS successfully “recruiting” people in the US to perform an attack in the US. All of the ISIS “arrests” so far have been part of the FBI’s own plots, where it’s an FBI informant doing the “recruiting and motivating.”
McCain: So this is not a static situation. This is a growing problem, as ISIS makes very effective use of the internet. Is that correct?
Comey: That’s correct sir.
McCain: So with all due respect to your opening comments, this is more than a conversation that’s needed. It’s action that’s needed. And, isn’t it true that, over time, the ability of us to respond is diminished as the threat grows and we maintain the status quo?
Comey: I think that’s fair.
Actually, it’s not fair. It’s wrong. I mean, it depends on what kind of “action” we’re talking about — but since the entire hearing focused on backdooring encryption, it’s difficult to argue that the “ability to respond diminishes” over time because any plan to backdoor encryption wouldn’t be an actual response that matters. ISIS would quickly just switch to encrypted systems that aren’t backdoored by the US government, and there are plenty to choose from.
McCain: So, we’re now — and I’ve heard my colleagues, with all due respect talking about attacks on privacy and our Constitutional rights etcetera — but it seems to me that our first obligation is the protection of our citizenry against attack. which you agree is growing. Is that a fact?
Comey: I agree that is our first responsibility. But I also…
McCain: So the status quo is not acceptable if we support the assertion that our duty is to protect the lives and property of our fellow citizenry. That is our first priority. You agree with that?
Okay, first off, you should really watch this point to see the dismissive way he shrugs off the part about “privacy” and “our Constitutional rights etcetera.” It’s really quite disturbing, frankly. And that’s because the next line is just wrong. The Oath of Office given to Senators is that they will “support and defend the Constitution of the United States against all enemies, foreign and domestic.” It does not say anywhere that they are to “protect our citizenry against attack.” And it especially does not say that the role of a Senator is to protect the citizenry from attack over protecting the Constitution. It says the exact opposite. It says that his sole job is to protect the Constitution.
That a Senator who has been in office as long as McCain is flat out ignoring the Oath he’s taken many times, and actually arguing for a policy that he is admitting violates that oath is somewhat stunning. He is flat out saying, in violation of his oath, that his job is to undermine the Constitution if he believes it will protect the American people from attack.
And, just to highlight how incredibly stupid this statement is, pushing for backdoors on encryption doesn’t even do what he thinks it does. It actually makes Americans more open to attack by making their digital information less safe and secure. So even if we took McCain’s argument at face value and ignored that it’s directly in contrast to his oath of office, he’s still wrong, because he’s putting more Americans at risk, rather than “protecting” them.
As for Comey agreeing that this is a first priority, he’s wrong about that too. Some might think that is the first priority for the FBI, even if it isn’t for Congress, but it’s not. The FBI’s oath is also to “support and defend the Constitution against all enemies, foreign and domestic.”
McCain then drags out a bunch of leading questions in which he continues to try to make it out like “something must be done to stop this nasty encryption” stuff, getting Comey to (mostly) agree, even to completely bogus statements.
Comey: I agree that this is something that we have to figure out what to do about.
McCain: So now we have a situation where the major corporations are not cooperating and saying that if we give the government access to their internet, that somehow, it will compromise their ability to do business. Is that correct also?
Comey: (Shakes his head back and forth in a way suggesting he disagrees, but then says): That’s a fair summary of what some have said.
McCain: So we’re discussing a situation in which the US government — i.e., law enforcement and the intelligence community — lack the capability to do that which they have the authority to do. Is that correct?
Comey: Certainly with respect to the interception of encrypted communications and accessing locked devices, yes.
McCain: So we’re now in an interesting situation where your obligation is to defend the country, and at the same time, you’re unable to do so, because these telecommunications… these organizations are saying that you can’t, and are devising methodology that prevents you from doing so, if it’s the single key, only used by the user. Is that correct?
Comey: I wouldn’t agree, Senator, that I’m unable to discharge my duty to protect the country. We’re doing it every single day using all kinds of tools…
McCain: Are you able to have access to those systems that only have one key?
Comey: No, we can’t break strong encryption.
McCain: So, you can’t break it. And that is a mechanism which is installed by the manufacturer prevent you [sic] from using… that there’s only one key that is available to them… to you.
Comey: That’s correct.
Now, to his very slight credit, after this misleading back and forth, Comey eventually plays a slight devil’s advocate here, and at least attempts to channel the views of all of those computer security experts who have pointed out that backdooring encryption makes people less safe.
McCain: So suppose that we had legislation which required two keys. One for the user and one that, given a court order, requiring a court order, that you would be able to — with substantial reason and motivation for doing so — would want to go into that particular site. What’s the problem with that?
Comey: Well, a lot of smart people, smarter than I, certainly, say that would have a disastrous impact on broader security across the internet, which is also part of my responsibility.
McCain: Do you believe that?
Comey: I’m skeptical that we can’t find a solution that overcomes that harm. But a lot of serious people say “ah, you don’t realize, you’ll rush into something and it’ll be a disaster for your country. Because it’ll kill your innovation, it’ll kill the internet.” That causes me to at least pause and say “well, okay, let’s talk about it.”
At which point McCain totally ignores that point to go back to his but we need to do something! mantra.
McCain: But, we’ve just established the fact that ISIS is rushing in to trying… attempting… to harm America and kill Americans. Aren’t we?
Comey: They are.
McCain: So I say with respect to my colleagues, and their advocacy for our constitutional obligations and rights, that we’re facing a determined enemy who is, as we speak — according to you and the director of Homeland Security — seeking to attack America, destroy America and kill Americans. So it seems to me that the object should be here, is to find a way not only to protect Americans’ rights, but to protect American lives. And I hope that you will devote some of your efforts — and I hope that this Committee… and I hope the Congress will — understand the nature of this threat. And to say that we can’t protect Americans’ Constitutional rights in the same time protect America, is something that I, simply, won’t accept.
Except, we can protect Americans’ Constitutional rights and, at the same time, protect America: by enabling strong encryption that better protects the security and privacy of everyone, without adding unnecessary vulnerabilities in the form of government backdoors. McCain completely ignored the rebuttal point that his position actually makes America less safe by opening things up to those who wish to attack us.
Don’t we deserve Senators who don’t spout pure ignorance, focused on scaring the American public in ways that make us both less safe and take away the Constitutional rights they’ve sworn to defend?
There were plenty of other ridiculous claims made by Senators in both hearings, but these were the two nutty ones that stuck out for me. We deserve better elected officials.
Filed Under: congress, constitution, encryption, going dark, james comey, john mccain, senate, sheldon whitehouse
Comments on “Two Of The Most Ridiculous Statements From Senators At Yesterday's Encryption Hearings”
These Senators need to understand a simple concept: by eroding any part of the Constitution is an act of terrorism in its own right.
I’m more frightened of an out-of-touch group of old geezers passing ridiculous laws in this country than I am over a group of people thousands of miles away.
One hits closer to home than another.
Re: Exactly!
To weaken our Constitution and take away our rights is to hand the (overseas) terrorists a huge victory. We need someone in Congress or Senate with the num-nums to push through legislation that undermining the Constitution…undermining the oaths that these jokers took…is a form of treason and subject to all of the punishments that a guilty conviction might bring.
Re: Re: Exactly!
Sorry, no spines or num-nums are available here. No one votes them into power.
~The Legislature
tl; dr
and i dont think its all that impotant
Re: tl; dr
OMG! Are you a U.S. Senator?!?
"We deserve better elected officials"
I would love to vote for a lot of better elected officials.
But in my lifetime very few have actually run for office, and more often than not lost!
Re: "We deserve better elected officials"
The problem is, people with any brains and morals don’t want the office. The first sign that we are about to get screwed over is that someone stands up and says they want that job.
No Vaseline...
Looks like McCain is determined to backdoor us.
My recollection is that ISIS took credit for the Dallas attack in May.
Re: Re:
How many people died/injured in the Dallas attack?
How many people died/injured in automotive accidents that same day?
Are you more likely to be injured or killed by terrorists or automotive accidents?
Are your fears of terrorists rational or irrational?
While techincally correct.
Wonderful article, and while I do agree with the premise that these senators have beclowned themselves, I must take issue with your statement,
“…there still has yet to be a single credible story about ISIS successfully “recruiting” people in the US to perform an attack in the US.”
You are apparently forgetting about the attack on the “Everybody Draw Mohammed” event in Texas earlier this year. While the two a**hats who tried it were not arrested (being dead and all,) I saw plenty of evidence that the were at least under the impression they were acting for ISIS.
Re: While techincally correct.
I saw plenty of evidence that the were at least under the impression they were acting for ISIS.
Which is it? Evidence? Or under the impression? The two are mutually exclusive.
Re: Re: While techincally correct.
Actually, the comment says “evidence that the[y] were at least under the impression,” not evidence that the commenter was “under the impression”.
Instead, take issue with the fact that Aonghus says there is “plenty of evidence” but cites to none.
McCain is a warmonger. If he would have been elected President, right now we’d be at war in Afghanistan, Iraq, Iran, Russia, and who knows how many other countries.
Not that I like Obama any better, but McCain choosing Palin as his running mate is the best thing he’s ever done.
Parental responsibility
For centuries young and old have been abducted and they didn’t possess phones. Besides, this is a parental responsibility. The parents should have ensured that they have access to the phone’s contents and they should ensure that the child doesn’t encrypt the phone (or that they turn off encryption if that’s how it comes from the factory).
Re: You know what is a bigger problem than abduction of kids?
Abduction of adults into corporate prisons based on what their agents find in your phone.
Re: One more thought
The only invalid reason that I can think of for not using encryption would be because you want to let government into your device. If you want to let them in let them in, but don’t make that the reason for not using encryption.
Re: Parental responsibility
Added to this, which is currently happening to more young women: being abducted by thugs in vans, or having their personal data stolen and shared in public, often leading to suicide or permanent psychological trauma?
If you’re going to stop terrorism, forget ISIS; start at home with the terror we expose our youth and celebrities to by failing to properly secure their private information. More people die from this (usually indirectly) annually in the US than ISIS could ever hope to affect.
Re: Parental responsibility
If the iPhone is version 6 or later, it is encrypted by default. I am aware of no way for you to decrypt it. (Even a factory reset would still result in an encrypted iPhone.)
What parents can and should do is set it up so they have control over the phone through parental controls. However, we know that it has always been the case that most kids know more about the phone than the parents so parents who do this may not change anything.
total bullshit
No, Sen McCain, you’ve got that wrong. “Protection of our citizenry against attack” is not your first obligation. In fact, is not an obligation at all.
Perhaps, Mr. McCain, you should study the Oath of Office you swore to:
senate.gov source
Perhaps you should spend more time defending the Constitution as you swore to do rather that weakening it. Some people might even consider that treason.
Re: Note to self
Self: Read the whole article before going off on a screed which is exactly (and better) covered later in the article.
Yours,
Self
Privatizing Value, Socializing Costs
The backdooring of encryption is privitizing value (eg, government snoops and voyeurs) and socializing costs (eg, easier for hacker or foreign agent to break into bank account, stock exchange, airline systems, utility systems).
So the position is that ISIS is driving around in Hummers and using M60s because they can encrypt internet traffic ?
Interesting quote
“to say that we can’t protect Americans’ Constitutional rights in the same time protect America, is something that I, simply, won’t accept”
Given the context, isn’t that equivalent to “to say that I can’t have my wall painted entirely black and at the same time painted entirely white, is something I, simply, won’t accept” ? I wouldn’t want somebody with so little grasp of reality having any power over me…
Re: Interesting quote
Given the context, isn’t that equivalent to “to say that I can’t have my wall painted entirely black and at the same time painted entirely white, is something I, simply, won’t accept” ?
I don’t think so. Do you think protecting the country (by which I assume he means the lives of its citizens) and protecting rights are mutually exclusive goals?
Re: Interesting quote
No, it’s more equivalent to saying that there is but one choice between security and privacy — we can’t have both.
He has chosen security for us (Father knows best), and is trying to scare us into agreeing with him.
Mythical girl
Technology is opt in. If you’re a girl or parent who wants to use an insecure device that might be of marginal benefit in some obscure situation that’s your choice. Companies are providing encryption precisely because the public are demanding it. Senators are saying the public shouldn’t have that choice.
Dahm
Why they even talk about it, they have no idea what´s it about. Encryption isn´t better than the weakest link. Lets say a hard drive has an full disk encryption. Everybody know´s that the first 6-20 things you gonna hit on the keyboard will be the code. Let´s say you use wireless keyboard. I´m sure they could pick it up that way before even try to ring on the door. How hard can it be…
Got the usual problems! Politicians shouldn’t be involved in these type of security issues because the one who gets what he/she wants done postures more and more! It doesn’t matter whether what has been done is of any use to anyone else!
He/she will jump on whichever bandwagon suits, depending on the way a particular situation unfolds. Whatever happens it is turned into a political advantage but never does the situation or those involved the slightest bit ofgood
all they need to do is create another major false flag terrorist attack, only this time not get caught as being the ones behind it.
An attack that kills people damages infrastructure and directly ties into what they are demanding.
Sadly, I don’t live in the right state to vote against the one, and I don’t live in the right time to vote for the other.
Should we really give McCain any credibility anymore?
I mean, this is the guy who ran for president with Sarah Palin as his running mate.
If that doesn’t imply that he’s well beyond fucking stupid at this point, nothing will.
This has been a one-sided conversation for a long time. It’s like watching a codependent passive-aggressive breakup attempt.
Only morons would still be using ‘think of the children’, or ‘terrorists’ as excuse to take away rights.
I hope Senator Whitehouse doesn't have a lock on the door of his house...
After all, if he’s right about the civil liability risks of locking your property securely, he could be in real trouble if someone needs to illegally enter his house in some difficult to foresee emergency and can’t because he locked the door when he left for work that morning.
I’m certainly no fan of Obama but right now I’m glad he defeated McCain.
Now can we please get an intelligent candidate for president that believes in a strict adherence to the Constitution?
Re: Re:
No, your only right is this:
https://www.youtube.com/watch?v=Pji_IX-UacM
Re: Re: Re:
No, your only right is this:
Well, we have a few other rights.
https://www.youtube.com/watch?v=m1t9QOSYqYM
Virtually no Americans support ISIS. I don’t know any Americans who believe in oppressive Middle Eastern views such as women not being allowed to drive or go to places without being escorted by a male chaperone.
If ISIS tries attacking on American soil, they will find no sympathy or support from the American public. They will quickly be hunted down and captured or killed.
I believe ISIS is less keen to attack America after experiencing the US military going full out ape shit in Iraq and Afghanistan in retaliation for 9/11. I don’t think they’re willing to risk an all out retaliation from America’s military a second time around. America has proven that we’re crazy enough to do it too.
How exactly do you recruit people with unbreakable communications? It seems to me they need to be recruited before the unbreakable communications can start.
Better elected officials
“There were plenty of other ridiculous claims made by Senators in both hearings, but these were the two nutty ones that stuck out for me. We deserve better elected officials.”
Well put. Unfortunately, until we, the People of the USA elect them, we are stuck with the ones we have!
Re: Fixed it for you.
Unfortunately, until we, the People of the USA have the option to elect them, we are stuck with the ones we have!
It’s even worse than that. Those who play ball retain their ability to make bad decisions while those who try to stay honest or make good decisions are quickly rendered inert and pushed out of the caucuses.
Defending the constitution is defending the citizens
I will support and defend the Constitution of the United States against all enemies
What they don’t seem to understand is that defending the constitution is defending it’s citizens.