In order for any smartphone manufacturer to decrypt the data on your phone, it has to hold onto a secret that lets it get that access. And that secret or that database of secrets becomes an extremely valuable and useful target for intelligence agencies.

I believed then, and continue to believe now, that the benefits to our security and freedom of widely available cryptography far, far outweigh the inevitable damage that comes from its use by criminals and terrorists. I believed, and continue to believe, that the arguments against widely available cryptography, while certainly advanced by people of good will, did not hold up against the cold light of reason and were inconsistent with the most basic American values.

If it were possible to hold onto this sort of database and really be assured that only good guys get access to it, we might have a different discussion. Unfortunately, we don't know how to build systems that work that way. We don't know how to do this without creating a big target and a big vulnerability.

I think it's interesting because the 1990s ended with the government pretty much giving up. There was a recognition that encryption was important. In 2000, the government considerably loosened the export controls on encryption technology and really went about actively encouraging the use of encryption rather than discouraging it.

In order for any smartphone manufacturer to decrypt the data on your phone, it has to hold onto a secret that lets it get that access. And that secret or that database of secrets becomes an extremely valuable and useful target for intelligence agencies.

It may be true that encryption makes certain investigations of crime more difficult. It can close down certain investigative techniques or make it harder to get access to certain kinds of electronic evidence. But it also prevents crime by making our computers, our infrastructure, our medical records, our financial records, more robust against criminals. It prevents crime.

There's been a certain amount of opportunism in the wake of the Paris attacks in 2015, when there was almost a reflexive assumption that, "Oh, if only we didn't have strong encryption out there, these attacks could have been prevented." But, as more evidence has come out - and we don't know all the facts yet - we're seeing very little to support the idea that the Paris attackers were making any kind of use of encryption.