Trump Administration Targets Your ‘Warrant-Proof’ Encrypted Messages

The Justice Department has placed a high national security priority on its probe of the shooting at Naval Air Station Pensacola in Florida, insisting that investigators must get access to data from two locked and encrypted iPhones that belonged to the alleged gunman, a Saudi aviation student.

The Justice Department has placed a high national security priority on its probe of the shooting at Naval Air Station Pensacola in Florida, insisting that investigators must get access to data from two locked and encrypted iPhones that belonged to the alleged gunman, a Saudi aviation student. J. SCOTT APPLEWHITE/AP

By Martin Kaste | NPR

The Trump administration has revived the debate over “end-to-end encryption” — systems so secure that the tech companies themselves aren’t able to read the messages, even when police present them with a warrant.

“It is hard to overstate how perilous this is,” U.S. Attorney General William Barr said in a speech last fall. “By enabling dangerous criminals to cloak their communications and activities behind an essentially impenetrable digital shield, the deployment of warrant-proof encryption is already imposing huge costs on society.”

Barr has been concerned about this for years, but he has become more vocal recently as encryption goes mainstream. It’s now built into popular services such as Skype and WhatsApp, and even Facebook may soon be encrypted.

Republican senator and Trump ally Lindsey Graham recently floated legislation that would strip tech companies of their liability protection under Section 230 of the Communications Decency Act unless they comply with as-of-yet undefined “best practices.”

Riana Pfefferkorn, at Stanford University’s Center for Internet and Society, says it’s a safe bet the best practices would include a requirement that law enforcement get access to encrypted content.

“The bill as it’s drafted does a bizarre and alarming end run around normal legislative or even agency rule-making processes,” Pfefferkorn says, giving the attorney general “the keys for deciding what rules apply on the Internet.”

Justice Department officials say all they want is a reasonable accommodation for investigators with court orders, similar to the federal law that requires phone companies to make it technically feasible for police to tap phone calls.

Recent headlines have focused on the FBI’s disputes over encryption with Apple, which has refused investigators’ requests to “break into” iPhones recovered from high-profile terrorism attacks. But those situations are relatively rare. In practice, it’s local law enforcement that more often finds itself frustrated by encryption.

“It comes into play at least once or twice every single week,” says Capt. Clay Anderson, who supervises investigations at the Sheriff’s Office in Humphreys County, Tenn.

“Human trafficking and sexual-exploitation-of-minor cases — those are very frequent,” Anderson says, “and in those cases you run into dead ends because you can’t get past encryption.”

There’s often little point in getting a warrant for a sexual predator’s digital messages, he says, because the messaging company isn’t able to produce anything. If they could get those communications, he says, it would be easier to build cases for the prosecution.

“Who needs that kind of encryption, other than maybe the military?” he asks. “We don’t even — in law enforcement — use encryption like that.”

Moxie Marlinspike thinks regular people want it. He’s the software developer who co-created the encryption system used in WhatsApp and other systems.

Read More
%d bloggers like this: