Technology companies are creating encrypted communication that protects their users’ privacy in a way that prevents law enforcement, or even the companies themselves, from accessing the content. With this technology, a known ISIS bomb maker would be able to send an email from a tracked computer to a suspected radicalized individual under investigation in New York, and U.S. federal law enforcement agencies would not be able to see ISIS’s attack plans. Unfortunately, this scenario is not at all far-fetched. Recently, FBI Director James Comey recently testified before Congress that terror groups such as ISIS are using encrypted programs to hide their communications and recruiting messages from U.S. federal agencies. As a result, ISIS is aggressively targeting young Americans online — and they are succeeding.

Although I understand the concern here, I can also see why companies’ are creating this encrypted communication. Much of my blogs as of late has focused on external breaches of security. The OPM hack made the headlines for weeks and people will be suffering from the consequences resulting from that hack for years to come. The real question is…where is the happy medium? What is the solution to this problem?

The most obvious one is that U.S. tech companies keep a key to that encrypted communication for legitimate law enforcement purposes. In fact, they should feel a responsibility and a moral obligation to do so, or else they risk upending the balance between privacy and safety that we have so carefully cultivated in this country. I hope they make the right decision.