The encryption fight is overblown

Governments are not wired — physically or intellectually — to embrace technology. In 1922, the Michigan Supreme Court warned that cars would offer criminals and anarchists a “means of silent approach and swift escape unknown in the history of the world before their advent.” They urged a national debate: “The question of their police control and reasonable search . . . is a serious question.”

Today’s “means of silent approach” is encryption. National security officials are raising many of the same questions as they once did about the automobile, especially after last week’s brutal attacks in Paris.

Reports that the terrorists used encrypted communications are no surprise. It would be difficult for them to have avoided crypto; many of today’s messaging apps are encrypted by default, including Facebook’s WhatsApp, which has some 900 million users.

In the post-Snowden age, it’s not just terror groups who want this technology. Ordinary citizens do, too, whether to help protect themselves from their governments — some of which aggressively repress free expression — or just to stay safe from hackers.

Among terror groups, ISIS is known for its focus on secure communications. Their followers are highly active on Telegram, the brainchild of Pavel Durov (“Russia’s Mark Zuckerberg”). But for any 21st century terror group — and for the intelligence officers hunting them — encryption is part of daily life.

Governments are not wired — physically or intellectually — to embrace technology.

ISIS has disseminated step-by-step guides on navigating the Internet and communicating with fellow jihadists anonymously. On March 19, a Twitter user with the handle @Shahadastories distributed an e-book with a chapter on how to use Tor, an anonymous network that Edward Snowden calls “the most important privacy-enhancing technology project being used today.”

And no one should be surprised they’ve also used PlayStation to communicate. This is where next-generation ISIS recruits live.

Pandora’s box is open, and policy has lagged. What to do?

Much of the debate to date has focused on whether to mandate government backdoors — giving authorities a guaranteed way to get in and snoop, once they meet legal hurdles.

We must demand that law enforcement agencies be as innovative as their targets. To start, this means reinvesting in old-school human intelligence.

But even if some kinds of encrypted communications channels were banned, terrorists would continue to use them or invent them. Which means that, to track these threats, law enforcement will have to find more creative solutions.

Which brings us to the good news: Short of a new law, there are other ways to obtain the same information. Terrorists make human and technical mistakes. We must find and exploit those.

The U.S. intelligence community spends more than $50 billion a year to protect our interests at home and abroad; we can find ways to defend the homeland, whatever tricks terrorists pick up.

We must demand that law enforcement agencies be as innovative as their targets. To start, this means reinvesting in old-school human intelligence. Since the Snowden leaks, debates about espionage have focused on tech tools and big data, while gumshoe spying has fallen by the wayside.

That balance should shift. If widespread encryption blunts our signal intelligence capabilities, the U.S. will have to dedicate more resources to cultivating informants, satellite imagery and other traditional tools. This won’t be a brave new world; it’ll be a return to old habits, ones that American spies honed over decades of the Cold War.

That said, we’re not out of technical arms yet. Encrypted message apps offer little protection if the CIA, FBI or NSA can hack a target’s phone or computer. And terrorists are just like the rest of us: Some use lazy passwords and forget to install security patches.

By investing in technical staff — building bigger teams and offering higher salaries to attract savvier professionals — law enforcement could better exploit those vulnerabilities, with or without new backdoors.

The opinions expressed here are solely those of the author. 

This article was first published on The New York Daily News.