US deputy A-G calls for "responsible encryption"

The United States deputy attorney-general Rod Rosenstein has reignited the debate around strong encryption allowing criminals and terrorists to "go dark", with law enforcement having no way to intercept their communications.

Rod Rosenstein.

Rosenstein said that "warrant-proof" encryption is a serious problem for the police and other agencies who are unable to unscramble messages and information stored on suspects' devices.

"Today, thousands of seized devices sit in storage, impervious to search warrants," he said in a speech delivered to the US Naval Academy.

"Over the past year, the FBI was unable to access about 7500 mobile devices submitted to its Computer Analysis and Response Team, even though there was legal authority to do so."

Rosenstein gave Apple a serve for its refusal to assist the FBI to break into the San Bernardino shooter's iPhone to retrieve encrypted information stored on it, despite a court order.

The FBI was later able to access the data on the iPhone without Apple's help.

Rosenstein said companies have "no constitutional right to sell warrant-proof encryption".

He called for "responsible encryption" that allows law enforcement to access information under warrants to be developed, arguing that such a concept would not undermine cybersecurity in general.

"Responsible encryption can protect privacy and promote security without forfeiting access for legitimate law enforcement needs supported by judicial approval," Rosenstein added.

Such encryption exists today, he said. It is achievable through central management of security keys and operating system updates, scanning of content such as emails for advertising delivery, simulcast of messages to mutiple destinations and key recovery mechanisms.

These features do not amount to backdoors, and the government would not need to mandate hardware solutions such as special chips, or software algorithms and key escrow, to provide access to encrypted systems, Rosenstein argued.

The deputy attorney-general acknowledged that "technology companies almost certainly will not develop responsible encryption if left to their own devices".