Deadly terrorist attacks on Friday in Paris, apparently planned by ISIS, have ignited a new round of concerns over encryption on smartphones.
"A lot of people in these terror groups have developed encryption techniques and France has one of the most sophisticated systems for monitoring communications. If France didn't pick up this attack in advance, it's a wake up call for all of us," said Darren Hayes, assistant professor and director of cybersecurity at Pace University.
Encrypted messages reportedly helped ISIS hide communications prior to the attacks, keeping security agencies from any advance warning of what was being planned. Some experts have blamed the attacks on the growth of cheap or free smartphone apps like WhatsApp or Chatsource that encrypt messages.
REUTERS/Charles Platiau The Eiffel Tower is lit with the blue, white and red colours of the French flag in Paris, France on Nov. 16, 2015 to pay tribute to the victims of a series of deadly attacks on Friday in the French capital.
Other experts pleaded Monday with lawmakers in the U.S. and other countries to find ways to force private companies like Apple and Google to redesign their operating systems to relinquish encryption keys under court order if a judge decides that gaining access to messages is considered a matter of international security.
ISIS operatives used encrypted messages to go dark and elude intelligence agencies in the days before the bombings and gun attacks that left 129 dead and many more wounded, intelligence officials said, based on various reports by CBS and others.
Even if various easy-to-get encryption apps were not deployed by ISIS, the group could have built its own messaging encryption that would have been nearly impossible for even sophisticated spy agency servers to break.
Al-Qaeda and ISIS have probably built their own proprietary encryption protocols for Internet and mobile communications, not trusting Western technologies like those in various apps, Hayes said. Clamping down or restricting sales of smartphone apps that offer encryption wouldn't be realistic or even effective in combatting proprietary encryption.
Former CIA deputy director Mike Morrell said today on CBS This Morning and on Face the Nation yesterday that there needs to be a public debate about the use of encryption apps to protect privacy. Developers of those apps don't always give law enforcement agencies the keys they need to read encrypted messages, he said.
Americans have shown an interest in protecting the privacy of their smartphone data and communications since the Edward Snowden revelations last year, which raises interest in downloading encryption apps, Morrell and Hayes noted.
Sign up for CIO Asia eNewsletters.