It's quite easy to construct a scenario that would provide evidence for the government's position:
1. Government agents find encrypted smartphone. 2. Investigation flails around in circles for a while. 3. Smartphone owner or friend thereof steps forward, "Oh, yeah, the password is...." 4. Evidence on smartphone cracks case open. 5. Profit!
Get back to us when something like that actually happens.
There is no evidence that it would address institutional data breaches
This is a piece of brazen misrepresentation on a par with the "increase" of the chocolate ration to twenty grams (from a previous thirty) in 1984. Obviously, the new system (in which Apple or Google do not have access to the user's passcode) protects the user from institutional data breaches, since no data breach can expose data that the target does not possess.
I notice that this editorial, unlike most of the others, has no comment section. It's a damning admission that Vance et al know perfectly well that they have nothing but easily refuted lies and bullshit.
Actually, there were a spate of lawsuits against firearms merchants and manufacturers, until the NRA flexed its muscle and had them barred by law. It may be prudent for Silicon Valley to invest in a few coin-operated politicians and get a similar shield in place.
it's still rather surprising to see him find it worthy of a multi-part detailed legal analysis for which he brought in a Harvard Law student, Zoe Bedell, to help
If Wittes wants to turn his own name into point-and-laugh fodder, that's his business, but dragging in a student who is presumably trying to build a respectable intellectual reputation for herself is just plain evil.
Can they really do anything about it? The purse strings are in the hands of Congresscritters who for the most part would rather score cheap demagoguery points by bashing "bureaucrats" that seriously evaluate the market price of hiring competent talent.
Actually, an egomaniac like The Donald probably wouldn't bother picking up his bullhorn if he didn't get personal attention. That's yet another way "Lance Ulanoff" is wrong -- use of real names is as likely to encourage attention-seekers as to dissuade them.
I'd say if they give a minor child a smartphone and don't take basic precautions (i.e. insist that she give them the password as long as she lives under their roof and they pay her phone bill), that's negligence on their part.
This would be the "let's hope for the tragic death of a child" plan
To be blunt, the tech companies need to take the same hardass attitude as the gun industry (i.e. "dead-child shmed-child") and pull enough strings to make it officially not their problem (again, just like the gun industry did).
American ingenuity is great, so I don't really believe all these FBI directors who say that it's "too hard" to catch all the bad guys. I think they haven't really tried.
Actually, we know for a fact that they aren't trying. There are several well-known ways to bypass encryption no matter how strong it is (plant hardware or software bugs to directly intercept keystrokes and display output, intercept EM noise emissions to remotely reconstruct keystrokes and display output). The FBI prefers to pretend that these alternatives don't exist because they're too much work and effectively limit them to individual targeted surveillance (i.e. what they're supposed to be doing) rather than mass surveillance (i.e. what they want to do, laws to the contrary be damned).
The simple fact is that the "going dark" problem does not exist. There are several ways to bypass encryption no matter how strong or well-implemented it is -- plant a hardware or software bug in the user's keyboard to capture message prior to decryption (and, for that matter, capture the user's password); bug the display output line to capture messages as they are read; intercept EM noise and reconstruct keystrokes and display images.
The problem from Big Brother's viewpoint is that this is too much like work and requires a significant investment in specialized training and equipment. Thus, it only works for legitimate surveillance of a select specific targets, and can't be scaled up to mass surveillance. Of course, the proper response is "too damn bad", because the government is supposed to be limited to the former in any case, and technologies that enforce that limitation are problematic only to politicians and bureaucrats who wish to abuse their power (i.e. the ones who give the other 2% a bad name).
There's currently a Supreme Court case (King v. Burwell) that hinges on precisely the issue of whether a technical flaw in the legal language invalidates what the legislature clearly intended to pass. It's a lose-lose for the right wing (either their last-ditch Hail Mary to get rid of Obamacare fails, or the Patriot Act sunset provisions really did expire without being replaced with the "USA Freedom" versions).