November 1, 2013 / by emptywheel


Robert Litt: Isn’t Weakening Encryption Our Job?

Office of the Director of National Intelligence General Counsel Robert Litt gave a speech to the American Bar Association’s National Security Law conference yesterday. It’s full of lots of patent bullshit, as you might expect, including misrepresenting what Keith Alexander said to Congress the other day.

But it does do something the I Con has not done thus far: try to rationalize NSA’s weakening of encryption standards.

For example, there have been stories claiming that NSA is able to crack encryption or break into private networks, and charges that this compromises everyone’s privacy.

I’m not going to comment on whether or not these stories were accurate.

But isn’t cracking encryption, or breaking into private networks, exactly what we want an intelligence agency to be able to do?

How else are we going to collect the communications of people who want to harm us and our allies, and who use those tools to try to hide their communications, or to provide policy makers the intelligence they need to protect the nation?

But just because we try to develop the capability to intercept and decrypt communications of adversaries and terrorists does not mean that we can or do use those capabilities against ordinary U.S. citizens, or French citizens, or Belgians, etc.

Granted, Litt misrepresents the extent of the revelations. It’s not just that the NSA has been trying to crack Tor. It’s also that they have deliberately weakened more general encryption standards so as to make it easier for them to access communications or launch hacks in the future.

Nevertheless, he blithely dismisses any concerns about this activity by insisting that is the Intelligence Community’s job. “But isn’t cracking encryption exactly what we want an intelligence agency to be able to do?”

This is why the defensive mandate needs to be broken off from NSA and put somewhere where people like Litt can’t touch it. Because Litt isn’t even aware that weakening encryption is, by its nature, an attack on “US citizens, or French citizens, or Belgians, etc.” (And all that’s before you get into the NSA keeping encrypted conversations of entirely innocent US and French and Belgian citizens indefinitely.)

A General Counsel making legal decisions for the entire intelligence community who misunderstands this basic fact is a menace to all of us.

Copyright © 2013 emptywheel. All rights reserved.
Originally Posted @