The recent legal battles between Apple and the FBI over encrypted phones is just one part of a larger debate over two important sets of priorities—traditional law enforcement and counterterrorism vs. data, device, and cyber security.

Moving forward, an “encryption commission” is a wise way for policymakers to understand the difficult challenges this issue presents and the pros and cons of the different solutions available.

Technological innovation has brought many wonderful additions to our lives, such as personal computers, the Internet, and smartphones. With these advances have also come criminals, hackers, and authoritarian governments that seek to steal private information, corporate secrets, and personal communications, among other items, for their own benefit.

To protect against such hackers and governments, strong encryption has steadily grown to the point where today, properly encrypted information cannot be cracked. Such encryption is great for regular consumers and companies that want their data secured, especially given the near constant news of hacks and breaches.

>>> Read the Full Heritage Foundation Report: “Encryption Commission: Making Sense of Critical Policy Options.”

Just as with other forms of technology, bad actors take advantage of encryption for their own purposes.

The information on San Bernardino terrorist Syed Farook’s iPhone is protected in such a way that no one can access it, and because of Apple’s security measures, the FBI can’t guess the passcode without risking the information being automatically erased (although the FBI may have found a way into the phone).

So the big question: Should law enforcement be able to gain access to encrypted information, either through some form of built in special access, aka a back door, or through weakening other protections such as those around passcodes?

There are strong rationales and arguments on both sides of this question.

Those on Apple’s side argue that breaking down encryption or passcode protections will:

  • Create a precedent for other countries to use this against dissidents.
  • Insert a vulnerability into every iPhone (and other device) that could be found and abused by malicious actors.
  • Fail to stop many bad actors who can use third-party applications to further encrypt their information.

On the other hand, law enforcement and the intelligence community argue that without such access, terrorist and criminal investigations will increasingly face roadblocks and dead ends, putting Americans in danger.

There are important security implications surrounding this highly technical issue, but regrettably, some have been quick to dismiss the case put forward by the other side.

Instead, Congress should consider a commission to study the potential paths forward. This will not stop the ongoing legal proceedings, but it will provide Congress with the information they need to consider the policy options and trade-offs in clearer detail.

Individuals and groups on both sides of this issue, from intelligence and homeland security leaders to technology and privacy advocates, agree that a deliberate approach is called for.

Rather than jump to a hasty decisions, Congress should take the time to get this serious issue right.