Image: Siim Teder/Estonian Defence Forces

The director of the US' National Security Agency has said that encryption is not a bad thing - but that the authorities still need to be able to gain access to encrypted communications to protect the country's citizens.

Speaking at a cyberwarfare conference in Estonia on Wednesday, admiral Mike Rogers, director of the US National Security Agency and head of US Cyber Command, said: "You're not going to hear me say that encryption is a bad thing. I don't think it is a bad thing. Encryption is not bad. Encryption is a fundamental part of the future; I think it would be ridiculous to pretend otherwise."

However, he said that it is a challenge to ensure the security of US citizens and protect their right to privacy at the same time. "It's not either or in the United States - we have to do both." The question is how to create a legal framework to do both, he added.

"Can we create some mechanism where within this legal framework there's a means to access information that directly relates to the security of our respective nations, even as at the same time we are mindful we have got to protect the rights of our individual citizens?"

Encryption is a hot topic right now: following the revelations by NSA-contractor-turned-whistleblower Edward Snowden about the scale of internet surveillance by the intelligence agency, many more companies have started encrypting their customers' communications.

However, the growth in such communications has in turn led to fears from intelligence agencies and law enforcement - particularly in the US and UK - that, by using uncrackable encrypted communications, criminals will be able to plot in secret. As a result, a number of politicians and law enforcement chiefs want companies to be obliged to unscramble customers' communications when requested by authorities.

Privacy campaigners argue that the use of encrypted communications is a right and that creating any backdoor into encryption systems would fundamentally undermine their security.

Rogers said a framework to allow law enforcement agencies to gain access to communications is in place within the phone system in the United States and other areas, so "why can't we create a similar kind of framework within the internet and the digital age?"

He added: "I certainly have great respect for those that would argue that they most important thing is to ensure the privacy of our citizens and we shouldn't allow any means for the government to access information. I would argue that's not in the nation's best long term interest, that we've got to create some structure that should enable us to do that mindful that it has to be done in a legal way and mindful that it shouldn't be something arbitrary."

Speaking at the conference, organized by the Tallinn-based NATO Cooperative Cyber Defence Centre of Excellence thinktank, Rogers also said that rather than individual countries setting their own rules for control of the internet, international rules similar to those used to govern use of the world's seas should be established - a kind of maritime law of the internet.

"Can't we create a global commons that enables open reliable safe secure and resilient communications the flow of information and ideas that enables us to do it in a framework that maximizes its use for all of us?" he said.

Earlier this month China published a draft national security law which in contrast asserts its "sovereignty" with regards to the internet and cybersecurity.

More on encryption