The Director of the FBI, James Comey spoke at the Brookings Institution today and told audience members that an old law needs to be updated to include encryption techniques like those employed by Apple and Google on their latest iPhones and Android devices.
“Unfortunately, the law hasn’t kept pace with technology, and this disconnect has created a significant public safety problem,” Comy said.
The law in question that Comy wants changed is the 20-year-old Communications Assistance for Law Enforcement Act that was originally intended to require telecos to build in ways for police and federal agencies to tap people’s communications. But the act doesn’t say anything about encrypted data on smartphones.
Comey warned that new encryption technologies have evolved to the point that it could adversely affect crime solving.
“Those charged with protecting our people aren’t always able to access the evidence we need to prosecute crime and prevent terrorism, even with lawful authority,” he said. “We have the legal authority to intercept and access communications and information pursuant to court order, but we often lack the technical ability to do so.”
Earlier this month Comey implied that anyone encrypting their phone data was essentially “putting themselves above the law.” A statement one could also apply to locking your front door, burying your documents in a secret location or using code when writing in your diary.
Comey is not the only government official attacking Apple and Google’s recent implementations of encryption by default. A number of police officials and government spokespeople have been trotting out the buzz words like terrorism, kidnapping, child pornography, etc. in an effort to make it seem like the world is going to sink into a seething pit of hell if iPhone users encrypt their emails.
These encryption techniques have been around for years but it has only been in the past few months that Apple and Google announced encryption would be implemented by default on newer devices. And as an ‘oh, by the way’ both companies said that once a user chooses a password no one, not even Google or Apple, can access that encrypted data.
And that’s why police and the FBI are worried.
Before this particular implementation of encryption by default any police or government agency could force device manufacturers to help them crack a locked device (assuming they had some sort of court order or simply played the ‘terrorism’ card and used the Patriot Act to write their own search warrants).
But with the on-by-default implementation of encryption that is based on the user’s unique password, companies like Apple and Google simply can’t crack user’s devices any more no matter how many warrants, court orders or secret search authorizations they are served with.
I’ve read a lot of articles about this (and other security issues involving the government and police forces both in the U.S. and around the world) and I find it interesting that you almost never see comments in favor of making it easier for police and the FBI (or NSA or anyone) to spy on us. In fact most comments say that it’s the government’s own damned fault that people are so wary of being spied upon and when they read statements like those from Comey the general reaction is ‘boo-hoo. You brought this upon yourselves!’