Editor’s Note: In an attempt to broaden our interaction with our readers we have created this Reader Forum for those with something meaningful to say to the wireless industry. We want to keep this as open as possible, but we maintain some editorial control to keep it free of commercials or attacks. Please send along submissions for this section to our editors at: dmeyer@rcrwireless.com.
Apple’s recent move to protect smart-device privacy by throwing away customers’ encryption keys drew cheers from privacy advocates when first announced. But it may yet backfire on smart-device manufacturers and mobile operators in ways never anticipated.
Broadly condemned by law enforcement as a threat to public safety, Apple’s move has triggered a call by the FBI for stronger surveillance laws that would enhance the technical capabilities of law enforcement – and possibly place new burdens on the industry.
To understand how the tech industry and the FBI reached this impasse, it’s essential to step back and understand the impact of Apple’s no-key encryption decision on law enforcement’s ability to gather evidence.
Apple’s iOS 8 platform introduced four changes in the way Apple devices are encrypted. It enabled the encryption of all data (not just emails) stored on an iPhone or iPad; set the encryption to apply by default; let users opt out of data storage in Apple’s cloud; and established that Apple would stop holding the encryption keys to decrypt data stored on a device.
In an address at the Brookings Institution in Washington, D.C., on Oct. 16, FBI Director James Comey outlined why law enforcement believes the fourth change threatens public safety. In the past, a law-enforcement agent who validly seized a suspect’s device could rely on Apple to decrypt any encrypted data inside. With its new operating system, Apple terminated the decryption service. That decision, said Comey, transforms the right to privacy into something entirely different: a “right” by the wrong people to stand above the law.
It didn’t help that Google quickly followed Apple’s lead, announcing that it, too, would adopt a decryption-proof policy for Android phones.
Now locked out of a primary source for evidence gathering, the FBI feels it has no choice. Director Comey seeks a major update of federal surveillance laws to prevent law enforcement from “going dark” in the pursuit of dangerous elements.
Although Comey didn’t provide specifics, his message was clear and should be a wake-up call for device manufacturers and network service providers alike:
“The issue is whether companies not currently subject to the Communications Assistance for Law Enforcement Act should be required to build lawful intercept capabilities for law enforcement.”
Federal law enforcement’s agenda is not limited to reversing the tide of warrant-proof encryption. The agencies want to bring policy up to speed with technology changes not envisioned when Congress last passed laws on lawful intercept.
At present, the Communications Assistance for Law Enforcement Act requires communication providers – including mobile operators – to equip their networks with surveillance solutions needed to implement court orders for lawful surveillance.
The statute does not govern device-makers like Apple, search engines like Google or social networks like Facebook. It’s a given that Director Comey wants CALEA to be upgraded so that all these players are required to produce technical solutions that perform decryption.
In that event, for companies such as Apple and Samsung, the law would reach “stored communications” such as data encrypted in a smart device.
At issue is exactly how that might work and who would be responsible. Among the unanswered questions on deciphering smart device encryption:
–Who will hold “the keys”? In networks that use two-key encryption, where the service provider holds only the “public” key, how could the provider convert encrypted data to clear text?
–Would mobile operators and other service providers have to store copies of all the device-based “private” keys, and if so, could that be managed securely?
Also of interest are potential changes that impact the encryption of network services. Here the issues are:
–Should CALEA extend to the broader topic of encrypted communications that transit networks? The current statute expressly prohibits law enforcement from dictating network design. Must that prohibition be softened so networks are designed for lawful decryption and, if so, would that make networks less secure?
–If law enforcement gains control over network design, what configurations would solve the encryption problem?
–What about end-to-end encrypted systems such as Skype, a downloadable voice application that runs without a service provider? Who would lawfully decrypt those calls? Any proposal to make CALEA cover the multitude of global application developers would be difficult to implement and tougher to enforce.
That’s just for openers. Beyond the encryption debate, law enforcement wants many other items of surveillance assistance, including originating and terminating IP addresses, Internet port numbers, wireless location data with GPS accuracy, and a buffering feature to prevent packet loss during intercepts.
It might be understandable if Apple pursued stronger encryption measures in the wake of the recent controversy over foreign intelligence. But because Apple’s iOS 8 hinders both foreign intelligence gathering and domestic law enforcement, it has precipitated a potential rainstorm of new domestic surveillance requirements.
It will not be easy to update CALEA in a way that meets the needs of lawful surveillance, protects privacy and security, and also preserves freedom of technical innovation. Parties now at loggerheads will need to find common ground.