Filings In Facebook's Lawsuit Against NSO Show FBI Director Chris Wray Was For Encryption Before He Was Against It
from the just-a-little-awkward dept
I have opined that FBI Director Chris Wray needs to shut the fuck up about encryption. Wray has presented a completely skewed perspective on the issue, following in the footsteps of Jim Comey. Wray claims encryption is leading to a criminal apocalypse, even as crime rates remain at historic lows. He also claims encryption is making it impossible to follow through with investigations, but has presented no evidence to back this claim.
The best argument the FBI could present was its always-growing number of encrypted devices in its possession. In the space of a couple of years, the number jumped from less than 900 to nearly 8,000. This seemed to indicate encryption was a growing problem, but when the FBI tried to verify this number for Congress, it found out it had overstated the amount of locked devices in its possession. In reality, the number of locked devices is likely less than 2,000 — hardly the apocalypse of impregnability Wray and Comey continuously presented. This was discovered in May 2018. The FBI has yet to hand over an accurate count of these devices.
Now, there’s this bit of news, which surfaced during Facebook’s lawsuit against malware developer, NSO Group. Chris Wray was for encryption before he was against encryption. Documents filed by Facebook detail Wray’s defense of WhatsApp and its encryption in an earlier legal battle while Wray was working for the King & Spalding law firm. [paywall-free link here]
In the earlier case, which has never been made public, Mr. Wray, then a partner at King & Spalding, was hired to “analyze and protect” WhatsApp’s software from a Justice Department effort to weaken its encryption in order to conduct wiretap of a WhatsApp user’s data.
The arguments made by Mr. Wray’s firm in favor of WhatsApp’s encryption may undercut his recent calls to push tech firms — including his previous client WhatsApp — to roll back encryption, a move many security experts have likened to a government “backdoor.”
Facebook wants King & Spalding booted from the case, citing its previous involvement in defending WhatsApp against actions brought against it by the DOJ. Facebook raises a good point: someone with intimate knowledge of WhatsApp’s inner workings shouldn’t be allowed to use this inside information to defend itself against this lawsuit.
Facebook’s redacted motion [PDF] names Chris Wray as one of the litigators with inside information, gleaned during a still-sealed legal proceeding that appears to have dealt with the DOJ seeking a court’s permission to break (or block) WhatsApp’s encryption to deploy wiretaps.
At the time, WhatsApp was in the process of implementing end-to-end encryption of communications sent on its platform.
WhatsApp was jointly represented by King & Spalding and ZwillGen PLLC. Specifically, Christopher Wray, Catherine O’Neil, Nick Oldham, and Paul Mezzina of King & Spalding…
Another filing [PDF] — a letter sent from Facebook’s legal reps to NSO Group after it became apparent it was seeking to retain King & Spalding — names Chris Wray as well.
The man who declared Facebook’s move to encrypt Messenger communications as a gift to the world’s criminals once defended WhatsApp’s encryption against the DOJ’s attempt to have it broken or blocked. This apparently occurred around the same time the DOJ was trying to get Apple to break the encryption protecting the San Bernardino shooter’s iPhone.
The New York Times learned of the 2015 matter through confidential sources. At the time, the Justice Department was also engaged in a court battle with Apple, pushing the company to unlock an iPhone belonging to one of the gunmen in a shooting in San Bernardino, Calif. The government ultimately dropped its case after security researchers helped them bypass Apple’s security.
The FBI sees no problem with Wray’s shifting allegiance to encryption. Its statement to the New York Times says the agency supports Wray, no matter how inconsistent his stance. Apparently, it’s fine that he’s willing to change his views to match his employer’s.
“Like all other lawyers, his duty of loyalty was to his client, and he did not put his personal views ahead of his clients’ interests or allow them to affect the legal work he did for clients. Today, as director of the FBI, his duty is to act in the best interests of the American people.”
If that’s his new duty, he’s falling short. He’s acting in the best interest of the FBI and federal prosecutors — the same FBI that also used to recommend people secure their devices with encryption. Strong encryption is in the best interests of the American people. Wray isn’t serving the nation with nearly as much fervor as he apparently defended encryption back when he was getting paid to defend it. WhatsApp’s encryption remains unbroken, despite the DOJ’s efforts. If he didn’t feel it was worth defending then, he probably shouldn’t have defended it. This change of heart doesn’t necessarily make him a hypocrite but it is just one more reason he needs to shut the fuck up about the subject.
Filed Under: backdoors, chris wray, encryption, fbi
Companies: facebook, nso, whatsapp
Comments on “Filings In Facebook's Lawsuit Against NSO Show FBI Director Chris Wray Was For Encryption Before He Was Against It”
... does he know that?
Today, as director of the FBI, his duty is to act in the best interests of the American people.”
In which case it sure would be nice if he actually starting doing that, rather than trying to undermine and cripple the security that hundreds of millions of americans depend on.
Other than client, what's different now?
It might help Mr Wray’s case if he could elucidate what benefit the FBI gets from knowing everything said by users of encrypted programs, clearly and completely, so that the people (his actual bosses, rather than the hierarchy he works within) can evaluate the actual exigency of his position. Otherwise we will continue to take the most likely presumption that the FBI is operating under the same premise as J. Edgar Hoover and collecting information for purposes other than law enforcement. Which is completely out of bounds.
It’s not like the FBI had access to everything said between parties in the past. Sure, they could establish probable cause and get a warrant to tap some telephones, or open snail mail, but that hardly encompasses everything communicated between two people. It’s not like there aren’t other investigatory methods available, though they sound more like work.
And the claim that things might involve ‘national security’ depends upon ones definition of national security. If national security encompasses constraints on the public by gathering information to keep power over the public, then they have the wrong notions about what national security is actually about, and their requests should be denied. Claiming that one cannot prove a negative doesn’t work when one party is withholding evidence that will provide the positive proof.
Good For The Goose
I accidentally started to misread some of the words in the second paragraph, and briefly interpreted them to mean "the FBI is using encrypted devices that can be cracked". Well, wait a minute — if that’s what the FBI wants people to do why doesn’t the FBI just openly publish whatever it uses to both secure its communication devices, as well as how it can access the device information? Is the FBI willing to follow it’s own recommendation first? Don’t show us that you possess encrypted devices. Show us that you are personally willing to use a weak encryption system.
Maybe just before a future visit to your side of the pond, I should put an encrypted .docx file on my tablet which, when eventually cracked open, will read, The FBI sucks Hollywood’s balls.
Nah, you really want to troll a USG agency heavily encrypt a document containing the bill of rights, government agencies hate that thing.
Like all politicians
Like all politicians, Chris Wray can be simultaneously for and against encryption technology, depending upon who is using it, and who is trying to crack it.
He only wants it to be illegal when the government wants to crack someone’s intention.
When he wants to keep government secrets, I’m sure he is all in favor of encryption.
This is not contradictory. Not any more than the idea that encryption can be designed to be magically secure, yet breakable once a court order is presented.