US deputy AG attacks ‘warrant-proof’ encryption
- 11 October, 2017 12:01
US deputy attorney general Rod Rosenstein has used a speech at the US Naval Academy to launch an attack on what he described as “warrant-proof” encryption.
Rosenstein assailed “warrant-proof” encryption as a “serious problem”.
“The law recognizes that legitimate law enforcement needs can outweigh personal privacy concerns,” he said.
“Our society has never had a system where evidence of criminal wrongdoing was totally impervious to detection, especially when officers obtain a court-authorised warrant. But that is the world that technology companies are creating.”
It was the latest salvo from a government of the Five Eyes intelligence partnership against companies offering end-to-end encryption.
Unbreakable encryption elevates privacy above public safety, Rosenstein argued in his speech.
“Warrant-proof encryption defeats the constitutional balance by elevating privacy above public safety,” he said.
“Encrypted communications that cannot be intercepted and locked devices that cannot be opened are law-free zones that permit criminals and terrorists to operate without detection by police and without accountability by judges and juries.
“When encryption is designed with no means of lawful access, it allows terrorists, drug dealers, child molesters, fraudsters, and other criminals to hide incriminating evidence. Mass-market products and services incorporating warrant-proof encryption are now the norm.
“Many instant-messaging services employ default encryption designs that offer police no way to read them, even if an impartial judge issues a court order. The makers of smartphones previously kept the ability to access some data on phones, when ordered by a court to do so. Now they engineer away even that capability.”
Rosenstein said the that law enforcement referred to the problem as “going dark”.
He cited the 2016 legal battle between the FBI and Apple. The FBI sought to compel Apple to help break the security of an iPhone used by the San Bernardino shooter. Apple said it would to challenge a court order obtained by the FBI, and the bureau instead found another way to unlock the handset.
Rosenstein also cited encrypted instant messages exchanged by one of the participants in the May 2015 attack in Garland, Texas.
The deputy AG argued that “responsible encryption” is possible.
“Responsible encryption can involve effective, secure encryption that allows access only with judicial authorisation,” he argued.
“Such encryption already exists. Examples include the central management of security keys and operating system updates; the scanning of content, like your e-mails, for advertising purposes; the simulcast of messages to multiple destinations at once; and key recovery when a user forgets the password to decrypt a laptop.”
“No one calls any of those functions a ‘back door,’” he said.
The US government is not alone in waging war against encryption. The Australian government has also foreshadowed the introduction of laws that will force technology companies to cooperate with law enforcement agencies seeking to decrypt communications.
Prime Minister Malcolm Turnbull said earlier this year that the government wants to be able to compel cooperation from “the Internet companies like a Facebook or a WhatsApp or a Telegram and so forth and Google.”
As with Rosenstein, the Australian government has denied it is seeking to push the introduction of backdoors, though Turnbull has given a narrow definition of the term.
A backdoor “is typically a flaw in a software program that perhaps the... developer of the software program is not aware of and that somebody who knows about it can exploit,” Turnbull told a press conference in July.
The government denies that its efforts will undermine encryption, although true end-to-end encryption does not enable a third party to access the content of a communication. The government has indicated that its proposed laws will encompass device-makers, potentially indicating a push to access decrypted messages at end points rather than while in transit.
Earlier this month Attorney-General George Brandis received a ‘Villain of Human Rights and Communications Surveillance’ award from digital rights advocacy group Access Now for the government’s push to access encrypted communications.
Turnbull in July was recognised at the Pwnie Awards in Las Vegas, taking out the ‘Pwnie for Most Epic FAIL’ for his “war on math”.
The UK government has also directed fire at encrypted messaging services.