RON WYDEN COMMITTEES:

OREGON COMMITTEE ON FINANCE
COMMITTEE ON BUDGET

RANKING MEMBER OF COMMITTEE ON - COMMITTEE ON ENERGY NATURAL RESOURCES
FINANCE "ltz tat?g [natE SELECT COMMITTEE ON INTELLIGENCE
INT ITT
WASHINGTON, DC 20510?3703 JO COMM EEON 
221 DIRKSEN SENATE OFFICE BUILDING

WASHINGTON. DC 20510
(202) 22475244

January 25, 2018

The Honorable Christopher A. Wray
Director

Federal Bureau of Investigation

935 Avenue Northwest
Washington, DC 20535

Dear Director Wray:

I write to you to express my serious concerns about recent statements you made about your
policy views on 

Last July, we met as part of your con?rmation process. During our conversation you told me that
you had yet to form speci?c Views on At my request, you committed to keeping an
open mind and to continuing a dialogue with me before you took a public position on the issue.

Earlier this month, you gave your ?rst public speech on the topic of at Fordham
University. Citing Silicon Valley?s success in driverless cars and virtual worlds, you claimed in
your speech that companies ?should be able to design devices that both provide data security and
permit lawful access with a court order.? You claim that you?re ?not looking for a ?back door.?
but ?the ability to access the device once we?ve obtained a warrant from an independent judge.?

Regardless of whether the Federal Bureau of Investigation labels vulnerability by design a
backdoor, a front door, or a ?secure golden key,? it is a ?awed policy that would harm American
security, liberty, and our economy. In addition to taking issue with the obvious technical ?aws in
your proposal, I am disappointed you did not contact me prior to your speech, as you promised
you would.

Your stated position parrots the same debunked arguments espoused by your predecessors, all of
whom ignored the widespread and vocal consensus of For years, these experts
have repeatedly stated that what you are asking for is not, in fact, possible. Building secure
software is extremely dif?cult, and vulnerabilities are often introduced inadvertently in the
design process. Eliminating these vulnerabilities is a mammoth task, and experts are uni?ed in
their opinion that introducing deliberate vulnerabilities would likely create catastrophic
unintended consequences that could debilitate software functionality and security entirely.

911 NE 11TH AVENUE 405 EAST 8TH AVE SAC ANNEX BUILDING US. COURTHOUSE THE JAMISON BUILDING 707 13TH ST, SE

SUITE 630 SUITE 2020 105 FIR ST 310 WEST 6TH ST 131 NW HAWTHORNE AVE SUITE 285

PORTLAND, OR 97232 EUGENE, OR 97401 SUITE 201 ROOM 118 SUITE 107 SALEM, OR 97301

(503) 326?7525 (541) 431?0229 LA GRANDE, OR 97850 MEDFORD, OR 97501 BEND, OR 97701 (503) 589?4555
(541) 962?7691 (541) 858?5122 (541) 330?9142


PRINTED ON RECYCLED PAPER

I would like to learn more about how you arrived at and justify this ill-informed policy proposal.
Please provide me with a list of the with Whom you?ve personally discussed this
topic since our July 2017 meeting and speci?cally identify those experts who advised you that
companies can feasibly design government access features into their products Without weakening
cybersecurity. Please provide this information by February 23, 2018.

Sincerely,

Ron Wyden 
United States Senator