from the stay-the-course dept
Manhattan DA Cyrus Vance is still riding James Comey's anti-encryption coattails. Another year passes and Vance still comes to the same conclusions about phone encryption: it's bad for law enforcement and something (legislative) needs to be done to keep the criminal apocalypse at bay.
His opening remarks at a recent cybercrime symposium set the tone:
In my Office alone, 423 Apple iPhones and iPads lawfully seized since October 2014 remain inaccessible due to default device encryption. Approximately 10% of our warrant-proof devices pertain to homicide or attempted murder cases, and 9% to sex crimes. And while we’ve been locked out of approximately 34% of all Apple devices lawfully recovered since October 2014, that number jumped to approximately 42% of the devices recovered in the past three months.
With over 96% of all smartphones worldwide operated by Apple and Google, and with devices running older operating systems rapidly aging out, the trend is only poised to continue. In other words, the risks associated with warrant-proof encryption remain, and are growing.
This is all just Vance's pitch for the 2016 edition of his "Phone Encryption is Bad" report. It's available at the DA's website but you'll have to dig around for it. (Or simply download it using this link.) It's the same things Vance said last year, only with some added bold print surrounding his pitch for legislated backdoors. (All emphasis in the original.)
As illustrated by the San Bernardino domestic terrorist attack in December 2015, as well as by the ever-increasing number of smartphones lawfully seized by law enforcement that cannot be accessed by law enforcement or by Apple, the threat to public safety is increasing rapidly.
This isn't much of a pitch. The FBI fought a long battle seeking a favorable precedential ruling before turning the phone over to a foreign company. The FBI likely believed the phone was as useless as it ended up being (it was a work-issued phone -- hardly the sort of place someone stores incriminating communications), but it wanted something it could take to the next legal battle over encrypted data. The presumed increase to "public safety threats" is never more than a theory -- one that presumes every locked phone contains a wealth of usable evidence.
Vance's push for anti-encryption legislation continues, even as he notes there's very little in terms of precedent for what he's proposing.
Several foreign nations, often spurred by the fear of terrorism, have addressed the question of whether manufacturers and software providers can be compelled to extract data from smartphones that they manufacture or for which they provide software. These nations’ efforts in this endeavor have been halting.
The few legislative efforts he can name are all dead in the water, including a few state efforts that have seen little forward momentum. This leads Vance to the conclusion that the only way to fix this is to make it a federal effort, something that still seems to have little chance of success.
Federal legislation is required to address the problem of smartphones whose contents are impervious to search warrants. Two proposed bills, the Compliance with Court Orders Act, drafted by Senators Richard Burr and Dianne Feinstein, and a bill drafted by our Office, would adequately address the problem.
Elsewhere in the report, Vance details other law enforcement agencies' struggles with encrypted devices. Then he throws out this statement, which makes it clear those fighting device encryption are still unwilling to provide accurate numbers about how often locked phones thwart investigations.
These figures [number of locked devices] are almost certainly artificially low, because law enforcement agents who encounter a locked device in the field often do not have the time to make note of the device before moving on to the next investigative step.
You would think that law enforcement agencies -- those presumably interested in the possibility of legislated backdoors -- would be tracking each and every instance in which encryption is encountered. But Vance's speculation seems to indicate that other law enforcement agencies aren't nearly as troubled by encryption as he is... or that they're just generally kind of sloppy when handling potential evidence.
The entire report presents a world where ever-growing encrypted "darkness" is turning law enforcement agencies into useless extensions of the government. A world where even the best-funded agencies with the access to a variety of tech solutions can be beaten by a consumer communication product. It's not exactly apocalyptic, but it does present the situation as being wholly untenable without the federal government stepping in and kicking open a backdoor.
Vance -- like others who only see mandated backdoors/encryption bans as workable -- also claims tech and law enforcement should work together to create solutions -- a statement that really means tech companies should be more willing to compromise their principles for the greater good of the government.