The FBI Really Doesn’t Like Quality Encryption
February 20, 2017 (Fault Lines) — The federal government has no match when it comes to prosecutorial resources and access to information. It’s not that they’re the brilliant band of investigators they think they are, but that the feds are very good at collaring people because they can overwhelmingly staff any situation. But it turns out that it’s not enough: anything that can be seen as possibly helping the bad hombres avoid detection is frowned upon by the federales.
The Consumerist reports on the latest whining from the FBI, this time when it comes to unsophisticated stupid criminals* having access to the tools of their trade end-to-end encryption, and how the tech companies may be unknowingly helping crooks. FBI General Counsel James A. Baker has a big beef with criminals having access to this technology, and says that it’s become a “problem” for his employer:
“End-to-end encryption, or decryption of devices, is increasingly available by default,” said FBI General Counsel James A. Brady [sic] yesterday at a Center for Strategic & International Studies panel discussion on privacy and law enforcement. “Your average bad guy, who’s not particularly sophisticated, can avail himself of high quality encryption, so that’s part of our problem.”
Brady seemed to question the logic of making full-disk encryption the default on phones and other devices, when – in his view – most people aren’t thinking about this issue.
“The super-sophisticated bad guys are always going to be able to find tools to try to thwart us,” he added. “They think about it actively and they will endeavor to do that.”
One wonders what the difference is between a “super-sophisticated” and a simply “sophisticated” bad guy, in the mind of Baker. Does a super-sophisticated crook graduate from MIT? And is a lower-tier sophisticate the product of a BOP education? But what does Brady expect tech companies to do? Perform a background check at every Best Buy cash register before allowing a future criminal to walk out with the smartphone du jour?
The real “problem” here for the government is that this technology makes their job slightly more complicated, forcing it off its ass to do some “lawful hacking.” Make the government’s job any less easy-peasy, and it will cry foul, while implying that whoever is responsible is complicit in criminal activity. Is this really a good enough reason for everybody’s personal data to be easily accessible for untrustworthy parties? Thank goodness we’d still be able to use a VPN (you can find these online with the help of a simple search like ‘best vpn canada‘), even if our apps might not be as safe as we’d like.
It’s not enough to have unrivaled resources, a herd of cooperating witnesses, and a 97 percent conviction rate. Baker goes on to talk about the need for speed when it comes to catching criminals:
“Lawful hacking” – the process of getting a court to compel a company to aid in opening a secured device – “provides some relief,” said Brady, [sic] “but only some. It’s slow, it’s expensive, it’s fragile; it’s just not a comprehensive solution to this problem. We’ll use it when necessary, but it’s not a panacea.”
It’s not as difficult to obtain metadata – things like when and who you texted or emailed, but without any content – but Brady [sic] noted that this is rarely the kind of information that can lead to a criminal prosecution.
Despite the fact that the FBI’s coffers are bursting at the seams, it wants to avoid the costs associated with the oxymoron known as lawful hacking. It also seems that it has nothing but contempt for the popular slogan of “fast, good, or cheap. Pick two.” Anything that has a remote chance of slowing down the conviction machines in the federal courts must be taken out of circulation.
But it gets worse, and more arrogant, and the proof is in the pudding the court dockets. This month a federal judge refused to dismiss a lawsuit filed by Microsoft against the Department of Justice, which alleges that the government prohibited tech companies from alerting their customers when the government was snooping on their emails and other data.
In 2014, the U.S. Court of Appeals for the Fourth Circuit upheld a contempt order against Lavabit when the company refused to hand over to the government the encryption keys to its e-mail server. And who can forget the soap opera involving Apple, the FBI, and the San Bernardino shooter’s iPhone, which concluded with the government saying “never mind, we got this, Magistrate Judge.”
Baker’s concerns are not new, since last year the FBI director raged raved about how strong encryption was making the feds’ jobs hard to do. This will never stop, as the makers and providers of this technology will continue to be implicitly accused of helping the terrorists, and the feds’ whining will continue so long as the few and the proud refuse to roll over for the government. The law is a bludgeon, and techies are no exception to the rule.
*Criminal defense lawyers, or CDLs, like to half-joke that their clients are presumed innocent, not intelligent. There is an endless supply of war stories to back that up.