Law Enforcement Freaks Out Over Apple & Google's Decision To Encrypt Phone Info By Default
from the we're-all-gonna-die dept
Last week, we noted that it was good news to see both Apple and Google highlight plans to encrypt certain phone information by default on new versions of their mobile operating systems, making that information no longer obtainable by those companies and, by extension, governments and law enforcement showing up with warrants and court orders. Having giant tech companies competing on how well they protect your privacy? That’s new… and awesome. Except, of course, if you’re law enforcement. In those cases, these announcements are apparently cause for a general freakout about how we’re all going to die. From the Wall Street Journal:
One Justice Department official said that if the new systems work as advertised, they will make it harder, if not impossible, to solve some cases. Another said the companies have promised customers “the equivalent of a house that can’t be searched, or a car trunk that could never be opened.”
Andrew Weissmann, a former Federal Bureau of Investigation general counsel, called Apple’s announcement outrageous, because even a judge’s decision that there is probable cause to suspect a crime has been committed won’t get Apple to help retrieve potential evidence. Apple is “announcing to criminals, ‘use this,’ ” he said. “You could have people who are defrauded, threatened, or even at the extreme, terrorists using it.”
The level of privacy described by Apple and Google is “wonderful until it’s your kid who is kidnapped and being abused, and because of the technology, we can’t get to them,” said Ronald Hosko, who left the FBI earlier this year as the head of its criminal-investigations division. “Who’s going to get lost because of this, and we’re not going to crack the case?”
That Hosko guy apparently gets around. Here he is freaking out in the Washington Post as well:
Ronald T. Hosko, the former head of the FBI?s criminal investigative division, called the move by Apple ?problematic,? saying it will contribute to the steady decrease of law enforcement?s ability to collect key evidence ? to solve crimes and prevent them. The agency long has publicly worried about the ?going dark? problem, in which the rising use of encryption across a range of services has undermined government?s ability to conduct surveillance, even when it is legally authorized.
?Our ability to act on data that does exist .?.?. is critical to our success,? Hosko said. He suggested that it would take a major event, such as a terrorist attack, to cause the pendulum to swing back toward giving authorities access to a broad range of digital information.
Think of the children! And the children killed by terrorists! And just be afraid! Of course, this is the usual refrain any time there’s more privacy added to products, or when laws are changed to better protect privacy. And it’s almost always bogus. I’m reminded of all the fretting and worries by law enforcement types about how “free WiFi” and Tor would mean that criminals could get away with all sorts of stuff. Except, as we’ve seen, good old fashioned police/detective work can still let them track down criminals. The information on the phone is not the only evidence, and criminals almost always leave other trails of information.
No one has any proactive obligation to make life easier for law enforcement.
Orin Kerr, who regularly writes on privacy, technology and “cybercrime” issues, announced that he was troubled by this move, though he later downgraded his concerns to “more information needed.” His initial argument was that since the only thing these moves appeared to do was keep out law enforcement, he couldn’t see how it was helpful:
If I understand how it works, the only time the new design matters is when the government has a search warrant, signed by a judge, based on a finding of probable cause. Under the old operating system, Apple could execute a lawful warrant and give law enforcement the data on the phone. Under the new operating system, that warrant is a nullity. It?s just a nice piece of paper with a judge?s signature. Because Apple demands a warrant to decrypt a phone when it is capable of doing so, the only time Apple?s inability to do that makes a difference is when the government has a valid warrant. The policy switch doesn?t stop hackers, trespassers, or rogue agents. It only stops lawful investigations with lawful warrants.
Apple?s design change one it is legally authorized to make, to be clear. Apple can?t intentionally obstruct justice in a specific case, but it is generally up to Apple to design its operating system as it pleases. So it?s lawful on Apple?s part. But here?s the question to consider: How is the public interest served by a policy that only thwarts lawful search warrants?
His “downgraded” concern comes after many people pointed out that by leaving backdoors in its technology, Apple (and others) are also leaving open security vulnerabilities for others to exploit. He says he was under the impression that the backdoors required physical access to the phones in question, but if there were remote capabilities, perhaps Apple’s move is more reasonable.
Perhaps the best response (which covers everything I was going to say before I spotted this) comes from Mark Draughn, who details “the dangerous thinking” by those like Kerr who are concerned about this. He covers the issue above about how any vulnerability left by Apple or Google is a vulnerability open to being exploited, but then makes a further (and more important) point: this isn’t about them, it’s about us and protecting our privacy:
You know what? I don?t give a damn what Apple thinks. Or their general counsel. The data stored on my phone isn?t encrypted because Apple wants it encrypted. It?s encrypted because I want it encrypted. I chose this phone, and I chose to use an operating system that encrypts my data. The reason Apple can?t decrypt my data is because I installed an operating system that doesn?t allow them to.
I?m writing this post on a couple of my computers that run versions of Microsoft Windows. Unsurprisingly, Apple can?t decrypt the data on these computers either. That this operating system software is from Microsoft rather than Apple is beside the point. The fact is that Apple can?t decrypt the data on these computers is because I?ve chosen to use software that doesn?t allow them to. The same would be true if I was posting from my iPhone. That Apple wrote the software doesn?t change my decision to encrypt.
Furthermore, he notes that nothing Apple and Google are doing now on phones is any different than tons of software for desktop/laptop computers:
I?ve been using the encryption features in Microsoft Windows for years, and Microsoft makes it very clear that if I lose the pass code for my data, not even Microsoft can recover it. I created the encryption key, which is only stored on my computer, and I created the password that protects the key, which is only stored in my brain. Anyone that needs data on my computer has to go through me. (Actually, the practical implementation of this system has a few cracks, so it?s not quite that secure, but I don?t think that affects my argument. Neither does the possibility that the NSA has secretly compromised the algorithm.)
Microsoft is not the only player in Windows encryption. Symantec offers various encryption products, and there are off-brand tools like DiskCryptor and TrueCrypt (if it ever really comes back to life). You could also switch to Linux, which has several distributions that include whole-disk encryption. You can also find software to encrypt individual documents and databases.
In short, he points out, the choice of encrypting our data is ours to make. Apple or Google offering us yet another set of tools to do that sort of encryption is them offering a service that many users value. And shouldn’t that be the primary reason why they’re doing stuff, rather than benefiting the desires of FUD-spewing law enforcement folks?
Filed Under: 4th amendment, encryption, law enforcement, orin kerr, phones, privacy, security
Companies: apple, google
Comments on “Law Enforcement Freaks Out Over Apple & Google's Decision To Encrypt Phone Info By Default”
Police who say they can’t do their jobs without violating the constitution are saying they can’t do their jobs.
Re: Re:
They can’t job period
Re: Re: Re:
Not even the into option for them.
Have we all forgotten those dark ages?
Remember those dark days before smartphones existed? How could we forget those terrible times when no crimes could be solved because there were no smartphones to be searched?
Re: Have we all forgotten those dark ages?
How did law enforcement solve crimes back in the days when there was no phones, or telegraph, just letters and person to person contacts?
/rhetorical
Re: Re: The dark and gritty ages.
The middle ages was also when the Holy Inquistion reasoned that they could torture witnesses as well.
And they would do so until a given witness would confess another person that may have seen or heard something.
Sometimes the inquisitioner would torture an entirenvillage to get to the enemies of the Church.
Let’s call this one a cautionary tale, yes?
Re: Have we all forgotten those dark ages?
smart phones add a new element to everything. they are integrated into almost everyone’s daily lives.
they can be used as very effective tools for criminals as well as they are useful for regular folks.
cyber stalking, ect.
some people post every moment of their lives and that makes very useful for kidnapping and everything that follows.
“Won’t somebody please think of the children?”
I have. I’d rather they not grow up in a totalitarian, authoritarian dictatorship.
That headline makes me squirm with glee.
They can get fucked. The criminal scumbags shouldn’t have this power without a fully-handwritten and legible court order that they can produce on demand. And if they can’t? Arrest them on terrorism charges.
How will we abuse our power if you keep putting technical roadblocks in the way!
Just think...
If the capability weren’t being abused on a near-daily basis, Apple and Google would have other things to worry about.
So, they know more than they are able to say by making this such a high priority.
Three things…
Mr. Kerr mentions that he had fewer concerns if physical access was required. How many phones are stolen every day?
Second, he neglects to mention that police have been taking peoples phones and reading the contents without a warrant for years. They even have law enforcement approved tools to do so.
And lastly, CALEA would still allow a lawful intercept of communications through the provider.
They just don’t want us to have the ability to do unauthorized arithmetic in the privacy of our own bedrooms, or elsewhere.
Re: Re:
Of course not – that’s a sign you are a follower of Al Gebra
Re: Re: Re:
Of course not – that’s a sign you are a follower of Al Gebra
Oh, my! Aren’t they suspected of having weapons of math instruction?
probable cause
If there is real probable cause to suspect a crime then the police and get a court order and can ask the phone owner for the keys. If it is a valid court order then they can unlock the phone or sit in contempt.
How can it possibly be an issue for lawful search warrants?
Re: The key to the phone...
Is protected by the fifth. It would be like forcing someone to reveal where the body was buried, in the poppy garden.
Re: Re: The key to the phone...
The key to the phone…
Is protected by the fifth.
I think that’s been decided different ways by different courts.
There is a reason these are being made available as standard features. They’ve always been out there for you to use without the permission of the makers of hardware. You can do this yourself. So where is all the hubbub about these programs existing to begin with? That part is strangely silent and not mentioned, like it is not a concern unlike encrypted phones coming from the OEM.
What that point above means is that the increased use will return privacy back to the individual. None of this would be necessary had it not been abused, had the public not had it’s nose rubbed in this, had there been any sort of check, balance, or method to reign in these spying yokels.
People understand it has been a violation of their rights. No matter how it is dressed, it still comes out looking like a skunk and they want something done about it, whether the government/authorities/congress/whatever agree or not.
They’ve already had a prime example of how congress views being spied on and the public doesn’t have that avenue to make their dislikes strongly known.
Re: Re:
That part is strangely silent and not mentioned, like it is not a concern unlike encrypted phones coming from the OEM.
Because until it’s from the OEM there’s no large public target for law enforcement types to rail against. Or maybe less cynically they’re not worried about it becoming commonplace until it’s OE.
Sounds like this Hosko guy is worried about the supply of stolen celebrity nudes suddenly drying up.
Missing...
One relevant issue…
“Apple Still Has Plenty of Your Data for the Feds”
“If law enforcement confiscated your phone and wanted to snoop at its data, all they would have to do is serve Apple a warrant and to get a copy of the plaintext data. A version of Apple’s Legal Process Guidelines for U.S. Law Enforcement dated May 7th, 2014 explains:”
From The Intercpt
Re: Missing...
“all they would have to do is serve Apple a warrant”
Which is what we have been wanting all along.
Its not that people are against them snooping at all… we just say you cannot do it in “Secret Courts” but instead as defined by the Constitution. Get a Warrant and you are GOLDEN!
Great news. Now if only I could get into the queue to download iOS 8
He really should have picked a better example. This argument basically boils down to “I own my device and therefore I have the right to use it as I wish.” And as sensible a position as that is, and as much as I agree with it, Apple, specifically, has made it painfully clear from Day 1 that that is not the case. You may have purchased it, but you do not have anything resembling traditional rights of control over your own property; Apple does. That’s what their “walled garden” is all about: your property is not your property, you pay for it but Apple still controls it and dictates what you can and cannot do with it.
If you choose to encrypt your iPhone, you do so at Apple’s sufferance. Do you really believe that they don’t have a way in, their claims notwithstanding?
Re: Re:
Personally, I’d worry more about Google- given its cozy relationship with the NSA.
Re: Re: Re:
As near as I can tell, Google’s relationship with the NSA isn’t any more or less cozy than Apple’s.
Re: Re: Re:
You mean the company that was infuriated when they found the NSA spying on them and immediately went to HTTPS everywhere to slam the door in their faces? That Google?
Re: Re: Re:
It isn’t ok if the other party says no , We call that rape .
Re: Re: Re: Re:
“Do you want to play the rape game?”
“No…”
“That’s the spirit!”
Re: Re:
He really should have picked a better example.
Indeed. OSX has offered whole disk encryption since Panther.
Re: Yup
Mason, I agree, Apple’s approach to control of the iPhone platform has not been helpful, and I think their attitude is part of the reason why people like Hosko think they should be able to get our data by going through Apple without involving us. But as you say, “I own my device and therefore I have the right to use it as I wish” is more sensible, even if Apple and the FBI would disagree.
I think that if Apple does have a way in, but they are responding to warrants by saying they don’t, they would get into a lot of trouble. Maybe even criminal indictments for obstructing justice. So I kind of doubt it.
Orin Kerr's comment
In Orin Kerr’s WP article, he makes this statement:
I found this interesting, and telling. He’s talking about the law, and in that context I don’t think this statement is incorrect — that is the tradition. However being the tradition doesn’t make it actually true.
Warrant protection is a far cry from being a “Gold Standard”. I would argue that it’s the minimum standard, instead. It’s on the weak end of privacy protection scale — the weakest that anyone in their right mind would accept.
Given how many police have made the news in recent years for raping little girls (and get away with it because police chiefs laugh off any and all public complaints), “because of the technology, we can’t get to them” is sending the opposite message he intended.
This is going to trigger congress to pass a law requiring law enforcement backdoors in all devices, while making it a criminal offense to use or create encryption schemes without said backdoors.
There was a time when i would have thought that the above idea was ludicrous for all the obvious reasons. Now, with all the liberty erosion i’ve seen since 9/11, i’m convinced those reasons won’t matter.
Once the DOJ really starts barking loudly about this, congress will act and it will all be over but the crying.
Re: Re:
“There was a time when i would have thought that the above idea was ludicrous for all the obvious reasons.”
Given that there was a strong effort to do exactly this back in 1993 (search for “key escrow” and “clipper chip”), the idea certainly isn’t ludicrous. It was (and, I hope, still is) politically infeasible, though.
Re: Re: Re:
Good luck with that. This nation is doomed short of blood in the streets.
We have more illegals to deal with than possible for the electorate to restore our liberties.
The current new influx of illegals will have more freedom and liberty here than their former lives if we lost 50% of what we have.
Re: Re: Re: Re:
“This nation is doomed short of blood in the streets.”
But did you read what Hosko claimed?
“He suggested that it would take a major event, such as a terrorist attack, to cause the pendulum to swing back toward giving authorities access to a broad range of digital information.”
That sounds like the nation is doomed if there is blood in the streets. Because you know any violent push-back by the citizenry will immediately be labeled terrorism and responded to accordingly.
Re: Re: Re:2 Re:
“He suggested that it would take a major event, such as a terrorist attack, to cause the pendulum to swing back toward giving authorities access to a broad range of digital information.”
If the pendulum is currently on the side of not giving authorities access to information, what would the other side look like? Never mind, I don’t think I want to know.
Re: Re: Re: Re:
Somehow, I don’t think your limited numbers of illegals are your problem. I think the larger number of government (local and federal) officials and corporate oligarchs are much more your problem.
How an illegal immigrant affects your liberties the way the NSA, ICE or Disney do, I don’t know.
But you know, easy RW target…
The usual excuses
Anytime they want to do something no one wants them to do they immediately pull out the “terrorist!” and “think of the children!” cards. Hasn’t everyone gotten wise to that already?
Re: The usual excuses
NO, because you live in a peaceful society that has only sparingly used the guise of “fighting a foreign enemy” to take your rights away. Now they just happen to be on an accelerated pace.
Assuredly I say do you, we all have ridiculed those speaking against the encroachment of government against our liberties.
There is an easy way to tell if you are one such individual at odds with the constitution.
Do you support law that removed a felons right to keep and bear firearms.
If you do, then you have no standing… if that constitutional right can be removed just because you now have a label affixed to your status then so can your very right to life.
Last week, we noted that it was good news to see both Apple and Google highlight plans to encrypt certain phone information by default on new versions of their mobile operating systems, making that information no longer obtainable by those companies […]
Why should we believe this? Yes, I know that’s what they said, but why should we believe that this is actually true? What evidence — what independently-verifiable evidence, actually — is on the table to prove this claim?
I’m echoing/paraphrasing John Gilmore’s insightful comments here — which I STRONGLY recommend to everyone:
http://www.metzdowd.com/pipermail/cryptography/2014-September/022919.html
I think it’s a little too early to conclude that what these glowing press releases claim is really true. Or that if true, that it will remain true for long. It seems quite unlikely that rapacious data predators who have already proven over and over and over again that they will do absolutely anything to acquire data, including breaking any laws that get in their way, will simply sit back and quietly accept this as the new status quo. Why would they do such a thing when they have every motivation to do otherwise and when they can rest assured that no matter what they do, they will never face any consequences of any kind?
Re: Re:
It seems quite unlikely that rapacious data predators who have already proven over and over and over again that they will do absolutely anything to acquire data, including breaking any laws that get in their way, will simply sit back and quietly accept this as the new status quo.
I don’t see why not, they don’t need access to your data while it’s on your phone. They just need you to use their services and apps that send them your data. Anyone not using their services isn’t going to be particularly attractive to them anyway, and if they can get more people to use them by offering security tools, they benefit.
OT:
http://www.hollywoodreporter.com/thr-esq/siriusxm-suffers-crushing-loss-high-734981?mobile_redirect=false
Wow
Policies, and laws
The policy switch doesn’t stop hackers, trespassers, or rogue agents. It only stops lawful investigations with lawful warrants.
On the other hand, laws do not stop the criminals, only the lawful persons.
So what?
Re: Policies, and laws
“The policy switch doesn’t stop hackers, trespassers, or rogue agents”
But it certainly does hinder them by removing the back door that they could use.
Re: Policies, and laws
“How is the public interest served by a policy that only thwarts lawful search warrants?”
Off topic … Didn’t the NSA use a lawful search warrant to pull a couple trillion individual records last year?
Re: Re:
No. They used an unlawful search demand issued by a secret court pursuant to a secret misinterpretation of law to pull those records.
and of course, it hasn’t come about because of anything law enforcement has done, has it? definitely not!!
Nice, but...
…they’re just going to change the laws to require companies give them access when requested.
Re: Nice, but...
They might, but this would be a major legislative effort that couldn’t happen quickly — and would stir up a major debate once the effort begins.
It’s one thing to require companies to give access to stuff they already have. It’s quite another to require companies to engineer their products in a particular way to make that possible.
encryption
Obligatory xkcd link
Re: encryption
Not actually that relevant here. What Google & Apple are doing is making it impossible for them to comply, even if they wanted to really, really badly (for instance, because their knees are getting whacked.)
The cartoon addresses being forced to hand over your own keys — nothing in Apple or Google’s actions affects that possibility one bit. It just means that you’ll get the subpena instead of Apple or Google.
probable cause
No, you can’t be forced to disclose your password or unlock a phone, unless and that’s the big caveat the government already can prove you know it.
Entering a password or unlocking a safe is a testimonial act because it may reveal ownership, custody, and knowledge of the contents inside the box and may authenticate the person as its owner.
We are in fifth Amendment territory, and you have an absolute right not to give the government incriminating information.
The government can only overcome the Fifhth Amendment bar by granting act of production immunity or prove your knowledge from an independent source.
Probable cause has nothing to do with the Fifth Amendment, and a valid Fourth Amendment search does not negate the Fifth Amendment protection against self incrimination.
Re: probable cause
“We are in fifth Amendment territory, and you have an absolute right not to give the government incriminating information.”
This isn’t settled law at all. Some courts have ruled in the way you say, others have ruled the opposite. Generally, courts have ruled that if the police already know that there is evidence in the encrypted data, you can be compelled to reveal the key, but you can’t be compelled to reveal the key so they can go on a fishing expedition.
Re: Re: probable cause
If the police can prove that there is evidence of wrongdoing in encrypted data, they do not need it decrypted, if it only requires them to claim to know such evidence is in the encrypted data, they are fishing.
Re: Re: Re: probable cause
“If the police can prove that there is evidence of wrongdoing in encrypted data, they do not need it decrypted”
Not true at all. It’s completely possible to know that evidence of wrongdoing exists somewhere but not have that evidence in your possession.
Really, this isn’t much different than what is required for search warrants: cops can’t (technically) get a search warrant for a fishing expedition either. They have to demonstrate to a judge that they are looking for specific evidence that they already know exists in the place they’re searching.
Re: Re: probable cause
John,
This is what really burned my toast in Orrin Kerrs writeup, he seems to think the fifth is a foregone conclusion, because of Boucher. Now, I looked into Boucher, and its like you said: The gov’t already KNEW that there was evidence in Bouchers computer, because they had seen it at the border.
My view is that gov’t can’t compel you to reveal the your password if they don’t know whats on your phone. They can’t just go on fishing expeditions.
I don’t think they can just browbeat you with the threat of contempt until you give up your password if they don’t know what you have. Kerr seems to think otherwise, which is a shame given his credentials.
Re: probable cause
We are in fifth Amendment territory, and you have an absolute right not to give the government incriminating information.
Unless they say the magic word “terrorism” and then all your rights vanish in a puff of smoke…
Re: Re: Fifth Amendment territory.
Since the police are so eager to get the bad guy, preferring false positives over false negetives, why don’t they just shoot everyone with an encrypted cell phone? After all cell phones have beem confused as weapons befpre.
A slightly nicer option is to sweat suspects to decrypt their phones Fifth Amendment protections are in place: they don’t have to open the phone, but also the tasings and seasonings with pepper spray don’t have to stop either.
And to cinch things well into legality, the interrogation doesn’t have to stop until the suspect signs a release saying he volunteered the contents of the phone and participation in the interrogation process. What a complaint citizen!
Re: Re: Re: Fifth Amendment territory.
With an encrypted cell phone? That restriction would place an undue burden on law enforcement.
Re: Re: Re:2 Fifth Amendment territory.
With an encrypted cell phone? That restriction would place an undue burden on law enforcement.
Oh don’t worry, they can just shoot anyone they suspect of having an encrypted phone. If it turns out to be just a regular phone, or a bagel, or their hand, well oops.
> The agency long has publicly worried about the “going dark” problem, in which the rising use of encryption across a range of services has undermined government’s ability to conduct surveillance, even when it is legally authorized.
If you have to say “even when it is legally authorized”…
probable cause
All the courts having compelled the person to decrypt the information have ruled so because of the foregone conclusion exception to the Fifth Amendment.
In the Boucher and Fricosu cases, the government already knew that the suspect was able to decrypt the computer and the self incrimination privilege could therefore not be invoked because the person by his own admission had made the testimonial aspects a foregone conclusion.
However, in the 11th Circuit case, the government could not
prove that the suspect was able to decrypt, or the existence of an encrypted file system, and Professor Kerr noted that the outcome of the case was likely correct.
Re: probable cause
I’m sorry, but in Boucher, they knew what was already on the computer. Not that he was able to decrypt it.
Being able to decrypt is not a foregone conclusion. That doesn’t make any sense. If they don’t know what they are going to find, they can’t just go on fishing expeditions.
probable cause
And that’s practically the same outcome even if Congress passes a law like UK’s RIPA S.49.
Under RIPA it’s a criminal offense knowingly to fail to disclose an encryption key to the police.
However, the government must still prove that you know the key and knowingly fail to disclose it beyond a reasonable doubt for the criminal sanction to be applied.
If several users share a computer or online account, or it can’t be proven who has the key no one can be compelled to disclose it.
The sanctions under RIPA are rarely imposed, and only if the suspect openly flouts the requests or is caught in the act of entering the password, he well get convicted.
This guy is incredible
This guy writing for the Washington Post doesn’t understand Apple and Google’s encryption or that it wouldn’t have stopped him from solving a kidnapping:
http://www.washingtonpost.com/posteverything/wp/2014/09/23/i-helped-save-a-kidnapped-man-from-murder-with-apples-new-encryption-rules-we-never-wouldve-found-him/
Children???
Just like we have Godwin’s law (As an online discussion grows longer, the probability of a comparison involving Nazis or Hitler approaches 1), we need to name the effect for how fast a variant of “Think of the children!!” will appear when discussing civil liberties and related topics.
We also need to say that Yes, we thought of the children, and they’re irrelevant to the discussion.
Are there any stats
How many kidnapped kids were saved in (say) 2012 thanks to these phone privacy invasions? Or are these hypothetical kids and hypothetical kidnappers?
I have seen (but dont have time to link to) cases where criminals were not conviced because of the fact that all the evidence was encrypted, and the police could not access it. CP, terrorism, and similar activities now can’t be proven, and with services like VPN and proxies on the rise anonymity is increasing.
There is a risk.
Re: Re:
In other words police had their supicions, maybe strong suspicions, but no evidence at all.
Re: Re:
I suspect, based on a hint from a little bird, that parent poster has engaged in some form of criminality, but I don’t know what and he encrypted all the evidence, so I can’t prove any of it. Can we convict him anyway? 🙂
Re: Re:
I have seen (but don’t have time to link to) photos of Ronald T. Hosko molesting a goose. This is real, people.
Re: Re: Incriminating pictures of goose molestation.
I bet they’re encrypted by now.
probable cause
Actually Kerr’s position is more nuanced.
He noted regarding the 11th circuit’s ruling:
“Based on a very quick skim, the analysis seems mostly right to me — in result, at least, although perhaps not as to all of the analysis. I hope to blog
more on the case later on when I have a bit more time.
Also note that the court’s analysis isn’t inconsistent with Boucher and Fricosu, the two district court cases on 5th Amendment limits on decryption. In
both of those prior cases, the district courts merely held on the facts of the case that the testimony was a foregone conclusion.”
http://www.volokh.com/2012/02/23/eleventh-circuit-finds-fifth-amendment-right-against-self-incrimination-not-to-decrypt-encyrpted-computer/
So Professor Kerr seems to agree that the Fifth Amendment can be invoked at least where the government can prove very little about the suspect’s custody and ownership of the data.
paradoxically it means that hard child pornographers who are careful not to talk to the police, and don’t use easily provable encryption can invoke the privilege whereas stupid ordinary people who don’t know or care about criminal procedure will let the cat out of the bag.
The statements yes, the phone is mine and I wont cooperate probably satisfies the foregone conclusion, but the statement I plead the Fifth or even better I only talk to the police with counsel present reveals nothing.
I want a reporter or someone close to the guys who are opposed to ask this if their phones are encrypted.
Policies, and laws
You are assuming that there was a crime, and that the incriminating evidence was encrypted.
If the police could prove that there was a crime, but only could find encrypted data, there is no evidence.
Encrypted data is no different from random data, unless you know which algorithm and software was used.
if you already know that encrypted data contains child pornography, you logically has sufficient evidence to convict.
If you only know that there is encrypted data, but don’t know what’s inside, you can’t logically argue that there is evidence of a crime.
And more likely, you even don’t know that the data is encrypted.
It may just be a large blob of random data.
Cars
I remember the days when we first got cars. The police were fretting how now criminals would be able to go faster then the police.
I remember the days when we first got cell phones. The police were fretting how criminals would be able to make calls from anywhere they wanted and not be tied to a physical location.
Now…. GET OFF MY LAWN!!
Someone should really go to the law enforcement agencies that are freaking out about this and point out that it probably wouldn’t be happening if they hadn’t been systematically invading people’s privacy and searching their phones without cause.
Re: Re:
Exactly so. If they can’t act responsible with the ‘toys’/powers that they have, they shouldn’t be surprised when people react and try and take them back. They’ve proven that they cannot be trusted, it’s hardly a surprise that people are pushing back because of this.
If police need data off an encrypted phone. They’ll just remote hack it through the baseband modem drivers. Or perhaps through the secondary operating system called Java Card, which runs on SIM cards.
Police still have options. I believe telephone companies are able to send silent text messages to Java Card and reflash firmware.
“The agency long has publicly worried about the “going dark” problem, in which the rising use of encryption across a range of services has undermined government’s ability to conduct surveillance, even when it is legally authorized.”
So they are admitting that they conduct surveillance when it is NOT legally authorized? That’s a pretty strong admission, considering they’ve denied it so many times before.
probable cause
Unless they say the magic word “terrorism” and then all your rights vanish in a puff of smoke…
No, the Fifth Amendment privilege against self incrimination is applicable to all criminal offenses.
The privilege is about compelling you to testify against yourself and using the coerced testimony to convict you of a crime.
if the police beats you in order to get you to tell them where you have hidden the murder weapon or what your password locking yor child pornography collection, any evidence resulting from the coercion is tainted and can’t be used against you.
This is an extreme form of pressure, but threatening someone with contempt sanction is also compulsion for purposes of the Fifth Amendment.
Re: probable cause
No, the Fifth Amendment privilege against self incrimination is applicable to all criminal offenses.
Just a thought experiment, what if the President declared you a terrorist, and then had you arrested and taken to Gitmo? I don’t think there are any 5th amendment protections there.
the 2013 NDAA allows this, with no judicial oversight
Re: Re: No 5th amendment protections in Gitmo
Since they don’t have due process, but just torture you and detain you at the pleasure of the President, yeah, there’s no cause to say anything except…well, they’re going to torture you anyway.
No. If you’re in Gitmo, you’re probably just fucked.
Re: Re: probable cause
don’t forget the Enemy Expatriation act, where the USA government has decided they have the right to strip Americans of their citizenship if they classify them as terrorists.
Considering millions of Americans have been deemed potential terrorists. makes one wonder how many people have been arrested and vanished, since they would no longer be a citizen they could “legally” just be executed or whatever.
Re: Re: Re: Unpersons and anti-citizens
That is exactly how a system takes form that features unpersons or anti-citizens…choose your preferred cyberpunk dystopian moniker.
Why would the FBI care? they have publicly stated they do not care about regular criminal only terrorists they create
The information on the phone is not the only evidence, and criminals almost always leave other trails of information.
Not only that, but the kind of criminal who is smart enough to not leave other trails of information is already either doing their own encryption, or otherwise avoiding anything that will leave a trail.
In fact, if we ever find out that these smart criminals are using the factory encryption, yet being caught through some other means, that will give me a lot of confidence that the encryption works as advertised!
So which one is it?
So some times it is “FEEEEAR the hacker and the upcoming CYBER-Pearl-harbor because we are most certainly doomed!”
But then they are all like “FEEEAR the terrorist and for your children because we can’t hack your shit!”. So I guess what they really want is a totally vulnerable system that is impervious to hackers?
Sense it makes not.
Re: So which one is it?
So I guess what they really want is a totally vulnerable system that is impervious to hackers?
I’m not sure if they’re clueless, or think everyone else is clueless, or both. It’s possible they actually think that if security vulnerabilities are left alone, they’ll be the only ones able to take advantage. It’s also possible they realize this isn’t true, don’t care about it, and assume the public will not understand. The latter seems more likely.
Thanks!
Thanks for the link, the quote, and the kind words.
Note that Hosko had to change his WaPo piece. The original title was something like “I helped save a kidnapped man from getting killed. With apple’s new encryption rules, we never would have found him,” but the title has changed to something more generic and there’s now a disclaimer at the bottom that says, “This story incorrectly stated that Apple and Google’s new encryption rules would have hindered law enforcement’s ability to rescue the kidnap victim in Wake Forest, N.C. This is not the case. The piece has been corrected.”
Fifth Amendment territory.
The Fifth Amendment prohibition on compelled self incrimination is a part of the constitution, and computer technology does not change the fact that compelling a suspect to give testimony against himself is unconstitutional.
The only situations wherein the privilege can be overcome are (1) If the government already can prove from an independent source that you possess a piece of evidence; (2) If the government grants you use and derivative use immunity;
(3) You are compelled to provide the government records kept incident to a valid noncriminal regulatory regime.
The third exception might actually provide a constitutional foundation for compelled key escrow but such a record keeping requirement has never been applied broadly outside tax and financial transactions.
Yup
US law may force Apple to grant the US government a backdoor but Apple can’t afford being caught in a big lie while marketing its product overseaws.
If Apple can’t guarantee security to European customers, there is going to be a very nasty fallout if it’s ever revealed that the company deceptively marketed its products as secure.
Also, I don’t think that having an exclusive backdoor for the US government will sit well with other nations’ law enforcement authorities.
Prior to the Snowden leaks, US corporations might well hope that their doubletalk would never be revealed, but Apple may fear that every friendly underhanded deal with the US government will eventually become public.
Other governments might demand that if there is any legally mandated backdoor, this must be on equal terms.
In short, he points out, the choice of encrypting our data is ours to make… and many more are choosing to do so because of the way law enforcement has abused their capabilities.
“How is the public interest served by a policy that only thwarts lawful search warrants?”
How stupid do you think I am? Besides, we already had encryption before. Maybe they’re just pissed that they haven’t cracked it yet?
Serve the warrant on the person's phone
I have a tip for all the law enforcement agencies: if you need data off someone’s phone, get a warrant to search the person’s phone. Why do Apple or Google (or any company( need to be involved in the process? Just because it’s easier than actually serving a warrant on a person?
Now they will pressure the people instead.
Law Enforcement Freaks Out
Andrew Weissmann, Apple is “announcing to criminals, ‘use this,’ ” he said. “You could have people who are defrauded, threatened, or even at the extreme, terrorists using it.”
He is so full of sh** ! When FCC or power that may be permitted “burner phones” where was the outrage ? Even today it says exactly what you are attributing to Apple !
In this regard we in India are doing a much better job. No burner phones. No mobile or wired phones without full identity information. No hiding of caller ID. We consider telephony a privilege and a birth right, and rightly so.
Apple
Boo Hoo, Waa!
1zqjyd'”(){}:/1zqjyd;9
1zqjyd'"(){}:/1zqjyd;9
iPhone Encryption
Not only must encryption be used for the phones, but also good passwords.