Comey Can't Say How Often Encryption Thwarts Investigations, But Probably A Lot
from the never-let-facts-get-in-the-way-of-the-rhetoric dept
FBI Director James Comey believes encryption is perhaps the biggest threat to public safety yet. So big, in fact, that he can only engage in hyperbole about it. There’s been very little done to quantify the problem, even by the agency that seems to fear it most.
In 2015, Comey told senators that a “vast majority” of devices seized by US law enforcement “may no longer be accessible” due to encryption. Comey has a very strange definition of “vast majority,” as Marcy Wheeler points out.
In a speech at the end of August, Jim Comey claimed that the FBI had been unable to open 650 of the 5,000 devices it got in its forensics centers.
“We believe in the FBI that we need a conversation. If at the end of the day the American people say, “You know what, we’re okay with that portion of the room being dark. We’re okay with”—to use one example—“the FBI, in the first 10 months of this year, getting 5,000 devices from state and local law enforcement and asked for assistance in opening them, and in 650 of those devices being unable to open those devices.” That’s criminals not caught, that’s evidence not found, that’s sentences that are far, far shorter for pedophiles and others because judges can’t see the true scope of their activity.”
That left the impression that encryption thwarted the FBI in 13% of all cases.
But it’s not even 13%. Comey has given the impression that the agency has hard numbers on encryption, but there’s still nothing to work with. The 13% percent presented by Comey includes all inaccessible phones — a number that includes physically-damaged phones and phones where data had been deleted.
So the “problem” is far less of a problem than has been presented. While it’s true that the number of encrypted devices encountered will rise with the continued implementation of encryption-by-default, the “darkness” predicted by Comey and others (like Manhattan DA Cy Vance) is still nothing more than a rhetorical tactic.
But nothing’s going to move ahead legislatively if the FBI can’t demonstrate necessity. And 13% isn’t going to cut it, even if that number is inflated. James Comey is basically acting as an anti-encryption lobbyist, as Wheeler points out:
So unless the FBI, after I asked in early September, went back and recalculated their quarterly numbers (I’ve got a question in to clarify this point), then the FBI is presenting a false claim about encryption.
This is what’s being used willingly by Senators Burr, Feinstein, and others to push anti-encryption legislation forward: overstated fears and massaged numbers. Comey wants the private sector to “nerd harder” and bend math to his will, ignoring the realities and repercussions of doing so. This fits in perfectly with his nonscientific approach to curbing or ending encryption: unverifiable claims backed by fuzzy numbers and a continued unwillingness to address the situation as it is, rather than what he portrays it to be.
Filed Under: encryption, fbi, going dark, james comey, law enforcement, privacy
Comments on “Comey Can't Say How Often Encryption Thwarts Investigations, But Probably A Lot”
"What do you mean my actions have consequences?!"
So the "problem" is far less of a problem than has been presented. While it’s true that the number of encrypted devices encountered will rise with the continued implementation of encryption-by-default, the "darkness" predicted by Comey and others (like Manhattan DA Cy Vance) is still nothing more than a rhetorical tactic.
As always when the subject comes up with government and/or police whining about that terrible encryption getting in the way it’s worth pointing out that it’s a self-inflicted wound they’re complaining about.
While it’s not necessarily the fault of police and government groups that encryption-by-default is becoming the norm, I’d argue that it is their fault that it’s happening as fast as it is, with demonstration after demonstration that if they could snoop through anything they could get their hands on they absolutely would, meaning if the public wanted to protect it’s privacy it was going to have to take matters into it’s own hands.
All they had to do was show even the slightest bit of restraint and the push towards default encryption likely would have just chugged along, still there but notably slower in it’s implementation, yet that was apparently just too much to ask of them.
That said, on a more specific note even assuming Comey’s 13% number is accurate(which I don’t buy for a second) rather than baseless hyperbole and fearmongering, I’m pretty sure that the number of crimes/criminals unsolved and/or uncaught because they were discussed and planned out of range of a recording device would vastly dwarf that number. Would he next suggest that any conversation must be recorded for the police to go over at their leisure, just in case?
Police and government workers have never had access to all the evidence they want, able to listen in to any and all conversations or discussions, that these conversations are now increasingly taking place in a digital format should not suddenly grant them a ‘right’ they’ve never enjoyed before. Just because they might want to be able to listen in to every conversation, or at the very least have the records of it does not mean they should have any expectation of getting such.
Re: "What do you mean my actions have consequences?!"
Of course, Comey’s not going to learn from this experience either. The best he can muster is to angrily shake his fist and blame whistleblowers for exposing his overreach and incompetence, and the “nerds” for not giving him the reality-bending results he wants.
Re: "What do you mean my actions have consequences?!"
Police and government workers have never had access to all the evidence they want, able to listen in to any and all conversations or discussions, that these conversations are now increasingly taking place in a digital format should not suddenly grant them a ‘right’ they’ve never enjoyed before. Just because they might want to be able to listen in to every conversation, or at the very least have the records of it does not mean they should have any expectation of getting such
This is a thing that is very very convenient to forget, and also by its very nature impossible to get any hard numbers on. Although, I guess the numbers of crimes not solved because of lack of recording would be: (100%) – (percentage of crimes solved). One could hope all crime would be solved if everything was always recorded.
I also find the number extremely disingenuous for another reason then just deleted info and broken devices. There is no way of knowing if they actually had any evidence, or knowing if what was on the phone already had evidence in other forms, such as witnesses.
Re: Re: "What do you mean my actions have consequences?!"
I also find the number extremely disingenuous for another reason then just deleted info and broken devices. There is no way of knowing if they actually had any evidence, or knowing if what was on the phone already had evidence in other forms, such as witnesses.
A very good point, he’s presenting the number as if every single device contained incriminating evidence, when it’s entirely possible that most of them had absolutely nothing of relevance to any investigation, meaning the inability to access them isn’t stopping anything but their voyeuristic urges to snoop.
Re: "What do you mean my actions have consequences?!"
And if he gets his way and gets a backdoor in to all legal encryption, the CRIMINALS will just use non-broken illegal encryption, while law-abiding citizens are forced to use broken encryption and expose themselves to threats from other criminals.
Five Eyes are making a coordinated propaganda effort
https://www.thestar.com/news/canada/2016/11/15/top-secret-rcmp-files-show-digital-roadblocks-thwarting-criminal-investigations-in-canada.html
OMG! Terrorists going dark!
If they can’t get the laws they want in the US they’ll just get them threw on of the other participating terror partners
That 13 percent is from drives that have been turned over to the FBI.
Presumably the ones that haven’t been turned over to the FBI haven’t been turned over at least in part because a greater proportion of them have been accessible by local law enforcement than the ones that have been turned over. So the true number of inaccessible drives is less than 13 percent, those that have been turned over are special cases to begin with.
Yeah but...
And how many of that 650, Still got a conviction even without the phone?
I say this now and for ever, if you want to end encryption, start with the federal level and show everyone how silly they are about needing encryption.
Investigations
Does Encryption actually thwart legitimate Investigations? Or does it merely thwart unauthorized snooping and fishing expeditions without oversight?
In a legitimate investigation there are no doubt multiple ways to deal with encrypted communications.
Where there's a will, there's a way
http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html
Secret Backdoor in Some U.S. Phones [Also] Sent Data to China, Analysts Say
By MATT APUZZO and MICHAEL S. SCHMIDTNOV. 15, 2016
“Security contractors recently discovered preinstalled software in some Android phones that monitors where users go, whom they talk to and what they write in text messages.”
I’m shocked, shocked that Android phones have preinstalled surveillance software. Isn’t that the whole point of *Google’s* Android software?
Re: Where there's a will, there's a way
Google’s Android software is largely Open Source Google has zero control over what companies do with the Open Source code. If the third party wants to use some of the Google Services then Google has a bit of a say, but not much that would prevent a phone manufacturer or phone carrier from installing this type of software on ‘their’ phones.
Re: Re: Where there's a will, there's a way
“Google’s Android software is largely Open Source Google has zero control over what companies do with the Open Source code.”
The point is, Android software, Open Source
or not, is designed to spy on users, and
most of the Android vendors take full advantage
of those capabilities.
Window Blinds
Window blinds keep passing police from seeing in. That’s criminals not caught, that’s evidence not found, that’s sentences that are far, far shorter for pedophiles and others because we can’t see the true scope of their activity.
Whatever did they do before before about 1996, when smart phones did not exist? Lack of records of conversations, other than some metadata in billing records, was the norm for law enforcement until the year 200 or so. (Most people did not keep a dieary with even a fraction of the information that is held in a modern smart phone).
Dang liberty!
Living in a free society, where citizens have rights necessarily entails making things harder for law enforcement. The KGB, the Stasi, they had it made. But that doesn’t create any great desire in me to go commie. I’m fine with a police force that has to do a bit of extra leg work and occasionally can’t close case. That’s a trade off I’ll happily take.
Re: Dang liberty!
The KGB had it made, really? They could not stop people producing and circulating paper copies of banned books.
I can't say how often Comey tells the truth.
But probably a lot. Like when ordering dinner. And probably some other occasions.
Comey Can’t Say How Often The Human Right of Privacy Thwarts Investigations, But Probably A Lot
"We believe in the FBI that we need a conversation…"
"You keep using that word, I do not think it means what you think it means."
How many crimes are prevented by crypto?
What Comey fails to mention, is that the adoption of better security infrastructure, will make commercial transactions safer and data breaches less frequent.
So as it goes dark for the FBI, so it goes dark for criminals. The FBI will make fewer thought-crime convictions, but the number of wire fraud crimes committed will also go down.
Over the long term, I think we will find the crimes offset by crypto, will exceed any cultural benefit of crypto not existing.
So better crypto == less crime (probably?). Yes, there will be some fluctuation in which crimes are prosecuted. But overall we will all benefit. Everybody is on the the same side here.
It would be nice if Comey eventually figured that out. Right now he is standing outside of the lunch room, banging on the door and demanding entry. The door isn’t locked. It never was.
Typical really. Why understand the problem, if you can make your quota without doing so?
Comey can’t say how often he interferes in elections but probably a lot.
Lets do it!
Let’s ban encryption, yes a literal fuck-ton of bad shit will happen. Chaos will reign, and the FBI/CIA will be totally useless, as they will be overwhelmed with calls of computer/identity fraud/theft.
BUT.
On the other hand we will no longer have to take govt officials to court over emails that they don’t want made public, because they will by nature, be public anyway because there will be NO encryption.
It doesn’t matter what the FBI say. Encryption is here to stay.
Comey does not really have a choice
After the next terrorist attacks, a scapegoat will need to be sacrificed.
The obvious choice will be Comey, for ‘not doing enough’. His only way out is to ask for more support than congress and government are prepared to give him. ‘If only you had given me the money/people/encryption breaking powers I told you I need, the massacre would not have happened.’
Refusing Comey’s request is not really an option, though:
‘If only congress had allowed the FBI to crack terrorist phones, those people would not have died.’ So their only choice is to give in, however ridiculous the request may seem.
At which stage Comey has to ask for more powers his base, and the circle begins again …
James Comey Remains a Joke
And to think, this is the same weasel, James Comey, who feigned an investigation of his master Hillary Clinton’s emails.
Jimmy you have more to be concerned about than trying to invade the rights of American citizens by lying about encryption and over stating your need to hack into anyone’s computer at any time. You’re a traitor.
Get lost Comey, like another commenter said, encryption is here to stay.
And that’s not even the number of investigations thwarted. Probably in many of those cases there was other evidence to be used.
And probably in many cases the FBI was unable to get in to the phones, but there was nothing there the FBI had any business reading anyway.
If the FBI was serious about solving crimes, how about something real, like the rape kit backlog? http://www.thedailybeast.com/articles/2014/09/23/how-the-u-s-ended-up-with-400-000-untested-rape-kits.html
That’s ‘criminals not caught, …evidence not found, … sentences that are far, far shorter for pedophiles and others’ And that’s for real predators that have actually harmed another person, as opposed to mentally ill people that only looked at CP, and may never commit a true assault.
Re: Re:
"But going through all those would take work, crippling encryption gives us an easy way to snoop whenever and wherever we want with almost no effort. Even better, with no effective encryption crime will absolutely skyrocket, meaning we can demand even more power and more money in order to ‘deal with the unprecedented digital apocalypse’. It’s a win-win!"
-Bizzaro(which is to say honest) Comey
Sounds to me like a man thinking up an answer where he doesnt accidently slip up that they have ways to circumvent some encryption
Cant confirm whats working, because people will start using it
Cant confirm whats circumvented, incase the tools at their disposal may suddenly vanish overnight with updates/patches
Their third and favorite option, lie…….pick an encryption thats really strong and respected, claim it unhackable, a nuisance, make some hoopla……..and fail to mention that they have an exploit for it