Why smartphone encryption has law enforcement feathers ruffled

There’s a downside to Android and iOS’s privacy-enhancing encryption—it’s going to be harder to catch criminals, police say.

smartphone encryption lead image
By Unknown photographer (National Security Agency) [Public domain], via Wikimedia Commons

Facebook, Google, and Yahoo have all ramped up the encryption of computer traffic since revelations by whistleblower Edward Snowden indicated that mass surveillance was rampant by governments.

And not only rampant, but legal too, according to security services regulators. The Financial Times newspaper has recently reported on a UK ruling, by a secret tribunal called the Investigatory Powers Tribunal, that says Amnesty, Liberty, and Privacy International’s claims that methods used compromise human rights aren’t valid.

So expect a future struggle getting governments to back off on mass surveillance metadata eavesdropping. Metadata is the often-incriminating wrapper around a message, rather than the actual message content.

Which leaves us, the public, with just a couple of options: either go along with it—and there are many who think that it’s not such a bad thing if the end result is a reduction in terrorism—or take matters into our own hands and seek out privacy tools.

Conveniently, the two biggest smartphone operating system makers, Apple and Google’s Android, already include some elements of encryption by default.

Third-party apps and encrypted Internet circuits like TOR are available too. I wrote about an entirely encryption-oriented VoIP smartphone ecosystem a few days ago in What will be in the Blackphone privacy app store?

Law and order

But it’s that large-scale mobile device-maker encryption, like that found in iOS and now Android natively, because of their widespread adoption, that has pro-law-and-order officials peeved.

One of the problems law enforcement is encountering is that public perception of legal data collection is tantamount to snooping by government or police, rather than simply collecting metadata—the pattern-providing phone number, not the transcript of the call. The public aren’t concerned about semantics—it’s snooping to them.

This new-found public awareness of spying, delivered by Snowden, affects policing efforts just as much as it relates to international government-led spying to nab home-grown and foreign terrorists.

This being a consumer society, phone makers are happy to oblige the knee-jerking customer, which is why encryption in phone operating systems is the latest trend—come and get it.

How law enforcement sees it

FBI Director James B. Comey, in an October 2014 speech, said that he’s increasingly concerned about encryption. He reckons it adversely affects public safety and creates an environment which he and his FBI cohorts call “Going Dark.”

He says that, through court orders, the FBI has the legal authority to intercept communications, "but we often lack the technical ability to do so."

One of the problems going after baddies is logistical. You’ve got to seamlessly monitor disparate devices, like phone and tablet, and multiple types of networks like mobile wireless, Wi-Fi, and so on. Encryption makes this monitoring even harder.

So, Comey is opposed to Apple and Google’s default encryption implementation in their mobile operating systems. Google’s “L,” its latest version, which is rolling out to existing devices now, includes some encryption. Apple has had parts of its OS encrypted for some time.

Attorney General Eric H. Holder Jr. agrees with Comey, and cites kidnappers and sexual predators as targets that will be harder to catch.

He didn't mention spying when he spoke about it in late 2014, despite mobile device-maker encryption clearly being “a reaction to the public outrage” over revelations by Snowden about the NSA’s secret collection of phone data, according to Timothy M. Phelps, of the Los Angeles Times.

Kill switch

NYPD Police Commissioner Bill Bratton reckons the new, encrypted mobile operating systems are “a terrible disservice to the public” and that they impede police investigations of crimes.

Bratton wants to see some kind of equivalent of a kill switch. Kill switches are a tool that can be used to switch phones off when they get stolen. Law enforcement has been a proponent of cellphone kill switches, and could conceivably lobby for encryption turn-off switches—although Bratton doesn’t say how he sees it working.

Existing laws

The irony over this whole saga is that there is, in fact, a law that requires telcos and Internet providers to build “interception capabilities” into networks for court-ordered surveillance. But it doesn’t cover “new means of communication,” Comey says.

Most new communications tools are “not required by statute to provide lawful intercept capabilities to law enforcement,” he says.

Comey, Bratton, and others are going to have their work cut out for them in persuading the public that they shouldn’t be encrypting their communications. They should have thought of this earlier, though. Snowden snowballs.


Copyright © 2015 IDG Communications, Inc.

The 10 most powerful companies in enterprise networking 2022