FBI Director Chris Wray Turns On The Charm, Tries To Convince Tech Companies He’s Not Their Enemy

by
Tim Cushing
from Techdirt on (#68VZP)
Story Image

After years of portraying tech companies as havens for nerd antagonists, FBI Director Chris Wray is trying to build a few extremely belated bridges.

The rift between FBI and tech companies started with the rollout of default encryption for phones. Apple was the first to market with by-default encryption, something that became the focus of FBI lawyering while investigating the San Bernardino shooting. The FBI had private sector options to crack the shooter's iPhone, but instead spent weeks trying to obtain favorable precedent that would force tech companies to undermine device encryption.

Since then, anti-encryption FBI director James Comey gave way to anti-encryption FBI director Chris Wray (following the rejection of President Trump's clumsy late night pass). But the party line never changed: the world of criminal investigation was going dark" and only the nerds at tech companies could prevent this.

The nerds at tech companies reminded the FBI director multiple times that undermining encryption means encryption no longer works. Chris Wray insisted they just weren't thinking hard enough about the FBI's demands. In the background, the FBI's inability to correctly tally physical devices in its possession generated more inconvenient headlines for Wray and his anti-encryption agitating.

And the agitation has continued non-stop, with Wray accusing companies of being purposefully antagonistic by offering security and privacy to their users while using nonsensical loaded terms like warrant-proof encryption."

The FBI also got into the cybersecurity business during this period of time, presenting itself as an ally while asking companies to share anything of use with an agency that has repeatedly shown it has little respect for anyone in the private sector that isn't automating the licking of boots.

The FBI - at least as personified by its directors - appears to believe respect should be commanded, rather than earned. Tech companies don't really need the FBI, so the deference the FBI feels is owed it hasn't materialized.

After years of failing to move the dial, the FBI director finally appears to have recognized that a softer touch is needed. The FBI has actually done some good stuff on the cybersecurity front. It has compromised malicious entities to obtain decryption keys from ransomware purveyors, allowing victims to regain access for free.

Not 100% shitty" is the sales pitch. And that's the sales pitch Chris Wray is now making (albeit only to certain listeners), as Aruna Viswanatha reports for the Wall Street Journal.

I'm glad you're here, in every sense of the word," Mr. Wray told a gathering of Fortune 500 executives last year, urging them to work with the FBI. The agency's top cyber official, Bryan Vorndran, frequently tells cybersecurity experts that the FBI is trying to offer Ritz Carlton-level customer service" to companies that report to the bureau when they are victims of a cyberattack, offering to fight with regulators and deal with the media on their behalf. Only through such cooperation, the bureau says, including trusting the FBI with sensitive corporate information, can the agency marshal an effective response.

The velvet gloves are on. But let's not kid ourselves: the government should be providing Ritz Carlton-level service" to everyone already. I mean, we're paying for it. And in the FBI's cases, we're paying top dollar. High-level service should be the baseline. The government has obligations. It should fulfill them, and it should do it without insinuating its level of service will vary based on the cooperation of private entities.

But this is the voice of the FBI, as enunciated at none other than Davos, the annual meeting of the most powerful businesses in the world. What may look like concessions and offerings of help and support need to be considered in this context. The FBI may be presenting itself as Big Business's best friend, but that's the sort of message one would expect it to deliver during a road game attended by plenty of rich people that don't have a particular need for any of the FBI's services.

Tailoring content for an audience is smart. But even the FBI knows its belated sales pitch will be seen as insincere and untimely. So, it is, again, trying to hint that not working with the FBI will result in some sort of private sector chaos by using loaded language to compare cyberthreats to terrorist attacks that killed thousands.

FBI officials say they can't put a dent in cybercrime or economic espionage by focusing primarily on after-the-fact indictments, and they have pushed deeper into other offensive and defensive operations that rely on the private sector's willingness to participate.

Current and former officials have likened the approach to the bureau's mission after the Sept. 11, 2001, attacks to disrupt terrorism plots before they can be carried out.

The FBI can be useful. But it needs to get out of its own way. And it definitely needs to stop talking about device and communication encryption. It has spent years lying about the scope of the threat posed by encryption. And it has spent even more years ignoring specific questions about the alleged problems it has witnessed firsthand.

Until the FBI is willing to be honest about all the issues faced by tech companies, it shouldn't be showing up at business conferences with we're all in this together" business cards. The FBI's years of antagonism can't be waved away with a couple of pro-cooperation statements. If the FBI wants the trust of tech companies, it will have to earn it - something it still seems uninterested in doing.

External Content
Source RSS or Atom Feed
Feed Location https://www.techdirt.com/techdirt_rss.xml
Feed Title Techdirt
Feed Link https://www.techdirt.com/
Reply 0 comments