Technolog: Lawyers argue phone encryption helps criminals and blame Apple and Google

 

Three lawyers and a police commissioner from the US, France, England and Spain have used an opinion piece in the NY Times to hold Apple and Google to account for providing their customers with unbreakable encryption of their mobile devices.

 

Cyrus R. Vance Jr. (Manhattan District Attorney), François Molins (Paris Chief Prosecutor), Adrian Leppard (Commissioner of the City of London Police) and Javier Zaragoza (Chief Prosecutor of the High Court of Spain) have argued that the inability of law enforcement to access a user’s phone has, in their view, been directly responsible for disrupting investigations. They cite that in the 9 months to June of this year, 74 iPhones running iOS 8 could not be accessed by investigators in Manhattan and that this affected investigations that included “the attempted murder of three individuals, the repeated sexual abuse of a child, a continuing sex trafficking ring and numerous assaults and robberies”.

 

They claim that encrypting the phones provides no security for the customer against the type of wide-net surveillance carried out by the NSA, nor would it prevent “institutional data breaches or malware”.

 

How the authors of this piece could be so confident that the investigations they give as examples would have had different outcomes with access to the phones is not clear.

 

What is abundantly clear however, is that the encryption of these devices did exactly what it was supposed to do, it stopped someone other than the owner of the phone from gaining access to the contents. The authors didn’t mention the fact that this alone prevents criminals from accessing the content of the phone if it is stolen or lost. Given that 3 million phones were stolen in the US in 2013 and that the majority of people would go to extreme lengths to recover the data on their lost devices.

 

The opinion piece goes on to declare the benefits “marginal” and the consequences to law enforcement is the inability to guarantee the “safety of our communities”.

 

The lobbying by senior law enforcement officials in the press against the use of encryption is becoming a common occurrence. The NY Times piece follows FBI Director James Comey’s declaration that unstoppable terrorism was the consequence of allowing encryption to be used by consumers.

 

All of the rhetoric used in these arguments make so many leaps of faith as to undermine any credibility in their claims. The suggestion for example that criminals/terrorists would not seek to cover their tracks in their phone use, or execute care over what incriminating evidence they kept on their phones is not realistic. The further suggestion that any evidence that the phone itself revealed would be critical in an investigation is likewise, suspect.

 

Remember that police still have access to phone records, and also to all data communication carried out through the device. Both France and the UK have enacted extensive data retention laws. The police can also continue to get access to cloud services used by the phone’s owner, also social media and location data, and a host of other information leaked through the use of the device that continues to be unprotected in the same way as the device itself.

 

Perhaps this is really what is being fought over? The obvious next step in consumer privacy which is putting the encryption of all cloud-based resources in the hands of the consumer so that companies like Google, Apple and Microsoft are unable to hand over information to Government security and law enforcement agencies.

 

The Internet Architecture Board, a committee of industry, academic and government specialists concerned with the functioning of the Internet has declared that they “strongly encourage developers to include encryption in their implementations, and to make them encrypted by default.”

 

Ultimately, it will be society as a whole that determines the appropriate balance of privacy against the wishes of governments and agencies to surveil-at-will. The rights to privacy are stated in the Universal Declaration of Human Rights and it will take more than the alleged inconvenience it causes legal officials to give up those rights.

 

The Conversation

David Glance is Director of UWA Centre for Software Practice at University of Western Australia

This article was originally published on The Conversation. Read the original article.

COMMENTS