The man who wants to outlaw encryption

FBI Director James Comey

FBI Director James Comey has transformed from a privacy hero to a warrior against privacy’s greatest tool.

“There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States.”

– James B. Comey

At the height of the War on Terror, in May 2005, James Comey walked into the headquarters of the National Security Agency and explained just how hard it is to say “no” to them.

Given an unprecedented mission scope following 9/11, the NSA began engaging in warrantless domestic wiretaps, among other growing surveillance powers, that would soon spark national controversy. When Comey stood in front of the NSA in 2005, the American public remained ignorant of its government’s overreach; his speech was mostly ignored by the press. Within the NSA, however, the surveillance was no such secret.

“It can be hard [to say no],” Comey said, “because the stakes couldn’t be higher. Hard because we are likely to hear the words, ‘If we don’t do this, people will die.’”

One year earlier, in March 2004, Comey stood over the sickbed of his boss, former Attorney General John Ashcroft, and threatened to resign unless the George W. Bush administration’s warrantless domestic wiretapping program was subject to Justice Department oversight.

“They’d need to outlaw certain kinds of code. Possessing crypto code would become illegal.”

Bush’s agreement to Comey’s oversight—it’s still not clear exactly what that entailed—still meant no warrants and court oversight but, at a time when many in the Bush administration shoved toward greater government surveillance powers, Comey’s willingness to stand up even that much won him the air of establishment dissident.

“James B. Comey is one integrity-filled motherfucker, no lie,” the liberal Wonkette blog recently praised. “Seriously, we fucking love this guy.”

It’s not clear exactly what the NSA was doing before Comey pushed some measure of reform. What is clear, however, is that, after the confrontation, he endorse the warrantless domestic wiretaps, a program that was characterized by “overcollection,” according to the Justice Department, and an “overreaching … manipulation of the law” by several members of Congress.

Outside of Capitol Hill, critics called the program outright illegal.

When the story became public in 2007, Comey became a minor hero to some Democrats, doubly so for standing up to the White House while being himself a Bush-voting Republican through and through.

So his speech to the NSA on saying “no” had significance beyond what anyone in the public could understand at the time.

The difficulty in saying “no” to the NSA is that “we don’t want people to die,” Comey said.

Today, Comey is the one hearing “no.”


The current director of the Federal Bureau of Investigation, Comey is the face of a crusade against encryption at a time when both Google and Apple are increasingly offering it, by default, on their smartphones and tablets to millions of customers around the world.

The encryption in Apple and Google’s mobile operating systems lock everyone out of their smartphones except the owners. That means neither the FBI nor Apple, Google, nor even the NSA (as far as we know) can access the encrypted material. It also means that hackers and foreign spies are locked out. The encryption is meant to be absolute, an impenetrable wall between you and any potential onlookers.

Comey’s argument is that increased use of encryption will stifle law enforcement’s ability to catch criminals, so the U.S. government should require companies to allow cops to break the encryption through so-called backdoors—secret weaknesses in the encryption code that would let those in know have a way in to the data.

“Criminals and terrorists would like nothing more than for us to miss out,” Comey said in an Oct. 2014 speech. “Justice may be denied because of a locked phone or an encrypted hard drive.”

Unlike the gung ho mood post-9/11 America, which led to the passage of the USA Patriot Act, industry and academic experts and even members of Congress have lambasted Comey’s efforts to outlaw strong encryption as a vast overstep of government authority and grossly naive. Just last week, for example, a congressional hearing on encryption got downright hostile when Rep. Ted Lieu (D-Calif.) called Comey’s proposal “stupid.”

The FBI doesn’t want to ban encryption, insisted Amy Hess, the FBI’s executive assistant director for science and technology. They only want backdoors—to break encryption, but just for the good guys.

But that’s trying to make a molehill out of a mountain, critics insist.

“The FBI makes this proposal to look like they’re looking for a simple law to add a simple feature,” says Robert Graham, CEO at Errata Security. “But when you look into it, what they’re really asking for is dramatic, it’s a huge thing. They’d need to outlaw certain kinds of code. Possessing crypto code would become illegal.”

Ask hackers and other cybersecurity experts, and they’ll tell you that the entire idea of a “backdoor” is a bureaucratic fantasy with little basis in technical reality.

You can’t build a backdoor that only the good guys can walk through,” cryptographer and author Bruce Schneier explained. “Encryption protects against cybercriminals, industrial competitors, the Chinese secret police, and the FBI. You’re either vulnerable to eavesdropping by any of them, or you’re secure from eavesdropping from all of them.”


Comey left his job at the Justice Department a few months after his 2005 speech at the NSA to become chief counsel at Lockheed Martin, one of the world’s largest defense contractors. Because of his resume, Comey continued to speak about terrorism and civil liberties.

“There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States,” he argued in a 2006 speech. “Now, it is so much a part of the drinking water that you are thinking that I am out of my mind.”

At a point when the government still kept warrantless wiretapping secret from the public—never mind the vast NSA surveillance revealed by Edward Snowden some seven years later—Comey went on to criticize what he called an “uninformed” debate over civil liberties. 

In the wake of Snowden’s disclosures, Comey’s speech can now be seen in a new light.

“The confusion about the Patriot Act can be divided into two categories: stuff that is not new, and stuff that is not in it,” Comey argued.

“There has not been a tradeoff between liberty and security in our response to terrorism in this country and in our efforts to offer security to the people of the United States.”

In fact, the NSA has used the Patriot Act to procure new power, like collecting the phone records of millions of Americans who had never been accused of a crime.

The authority to do so comes from Section 215 of the Patriot Act. On Thursday, a federal appeals court ruled that the NSA collection program was illegal and represented “an unprecedented contraction to the privacy expectations of Americans.”

At the time, Comey insisted that the Patriot Act is overall “smart stuff” that “has not caused a tradeoff of liberty for security.”

Comey’s own post-9/11 career has been a steady ascent in power that’s included numerous charges of running afoul of civil liberties.

As U.S. Attorney in Manhattan, Comey led the prosecution against an Egyptian falsely accused of working with 9/11 hijackers. Abdallah Higazy was released and all charges dropped after he spent a month in solitary confinement after a false confession that he said was prompted by threats from an FBI polygrapher against the lives of Higazy’s family.

The man, a hotel employee who lied about Higazy in the first place, was sentenced to six months of weekends in jail. The FBI agent whom Higazy said made him confess was effectively immune from all charges because the FBI explicitly forbids audio and video recording of polygraph examinations. Without recordings, there was no evidence—by design, could be no evidence—of wrongdoing.

Higazy successfully sued the U.S. government for $250,000 in 2009.

“I ordered an investigation by the government into the circumstances of the FBI’s polygraph testing, the result of which was a report assuring me that the manner and mode of Higazy’s polygraph was consistent with standard FBI practice,” Judge Jed Rakoff, who oversaw the 2001 case, said in a 2008 speech. 

“I am not sure whether this meant that the FBI really believes in its polygraph results, despite their inaccuracy, or whether the FBI simply uses the facade of polygraph testing to try to elicit confessions. Either way I think that but for a near miracle, Mr. Higazy would now be rotting in prison or facing execution.”

As director of the FBI, Comey hasn’t changed the bureau’s polygraph recording policy despite his experience with false confessions. “It’s an important example of Comey’s willingness to steamroll someone who was alleged to have engaged in terrorist activity,” Christopher Dunn of the New York Civil Liberties Union told New York magazine.

Another post-9/11 career-defining episode took place when Comey asserted that Jose Padilla, an American citizen who stood accused of plotting a dirty-bomb attack, had no right to a defense lawyer because he was an “enemy combatant.” Seven years later, while Comey was working at Lockheed Martin and then at a hedge fund and HSBC bank, Padilla was found guilty in a civilian court (with a defense attorney).

And then there’s the torture.

Comey repeatedly argued that the Bush administration’s legal embrace of torture would come back to haunt them. A 2014 Senate report said the torture program included not only brutal torture but also deceit of the government and public and obstruction of oversight.

However, Comey ultimately signed off on the torture program along with his other Justice Department colleagues.

Today, Comey is no longer a number two. His leadership of the FBI includes this somewhat uneven and unclear encryption crusade that virtually all experts outside of the FBI agree could have far reaching negative effects on both civil liberty and security.

During Comey’s NSA speech in 2005, he closed out his point on the importance of saying “no” even in the most trying circumstances.

“It is the job of a good lawyer to say ‘yes,’” he said. “It is as much the job of a good lawyer to say ‘no.’ ‘No’ is much, much harder. ‘No’ must be spoken into a storm of crisis, with loud voices all around, with lives hanging in the balance. ‘No’ is often the undoing of a career. And often, ‘no’ must be spoken in competition with the voices of other lawyers who do not have the courage to echo it.”

In this new crypto war, James Comey is saying ‘yes.’

Photo via FBI/Wikipedia | Remix by Jason Reed

Patrick Howell O'Neill

Patrick Howell O'Neill

Patrick Howell O'Neill is a notable cybersecurity reporter whose work has focused on the dark net, national security, and law enforcement. A former senior writer at the Daily Dot, O'Neill joined CyberScoop in October 2016. I am a cybersecurity journalist at CyberScoop. I cover the security industry, national security and law enforcement.