There Is No 'Going Dark' Problem
from the to-make-investigative-omelets,-you've-got-to-crack-a-few-phones dept
Former FBI Director James Comey made plenty of headlines with his insistence cellphone encryption would be the end of law enforcement as we know it. Comey's assertions made it seem as though regular police investigative work was no longer of any use and that any and all evidence pertinent to cases resided behind cellphone passcodes.
He insisted the problem would only get worse in the future. If not put to an end by legislated backdoors or smart tech guys coding up "safe" holes in device encryption, we may as well accept the fact that no criminal committing more than a moving violation would ever be brought to justice.
Default encryption does pose a problem for law enforcement, but it's nowhere near as insurmountable as Comey has portrayed it. Multiple FOIA requests handled through MuckRock have shown law enforcement still has several phone-cracking options at its disposal and doesn't seem to be having many problems recovering evidence.
This is superbly illustrated in documents obtained from the Tulsa and Tuscon (AZ) Police Departments by Curtis Waltman. Tuscon PD documents [PDF] show law enforcement officers are using tools crafted by the same company that provided the hack to the FBI in the San Bernardino case, among several other options. But the real motherlode is the Tulsa PD's log of cracked phones.
The kicker really is how often these are being used - it is simply really hard to believe that out of the 783 times Tulsa Police used their extraction devices, all were for crimes in which it was necessary to look at all of the phone’s data… There are some days where the devices were used multiple times - Tulsa used theirs eight times on February 28th of this year, eight again on April 3rd, and a whopping 14 times on May 10th 2016. That is a whole lot of data that Tulsa was able to tap into, and we aren’t even able to understand the why.
The document contains page after page of cracked phones, ranging from Samsungs to HTCs to LGs… even iPhones (5 and 6). "Going dark" remains a Comey fairy tale, for the most part, if these documents are anything to go by.
And there's apparently very few rules for deployment of cellphone-cracking devices. Only one PD in Arizona returned any guidelines in response to requests and those rules basically state there are no rules. The Mesa PD's Computer Forensic Unit makes the most of its limited resources by limiting its work to… any crime at all.
This is the list of criminal activity the unit provides forensic work for, listed in order of priority.
Homicide
Sexual Assault
Child Crimes (which I assume means "crimes against children," rather than crimes committed BY children)
Aggravated Assault/Robbery
Property Crimes
All other felonies
All misdemeanors
Everything. That would explain the number of cellphones accessed by these PDs. Presumably other PDs are also operating under very loose guidance or none at all.
This sort of intrusiveness should be limited to serious felonies and investigations where it's plainly apparent the best route to evidence runs through the suspect's cellphone. Otherwise, law enforcement agencies are just using these tools because they have them, not because they necessarily need them.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: data extraction, encryption, fbi, going dark, jim comey, law enforcement
Reader Comments
Subscribe: RSS
View by: Time | Thread
[ link to this | view in chronology ]
Re:
Also, since when was the law meant to protect a business model that has gone long past it sell by date?
Withe the Internet their is no need for a gatekeeper to decide what gets published, and as a side effect keep most of the profits for themselves.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re:
I wonder who wrote this article, perhaps there is a way to find out ...
Doubt it's a fat finger because the s and the p are at opposite ends of the keyboard.
How does one refute to admit something? Not sure how this works.
[ link to this | view in chronology ]
Re:
Tim Cushing (not Masnick) was talking about FBI and police getting data off of smart phones. You're talking about... what? HTTP traffic protected by encryption?
[ link to this | view in chronology ]
Re: Shilling for the MPAA
Now, the issue with pirates is that there's this world-wide, super-simple copying machine called the internet that everyone has access to, including my 8 year old child. And if you lock it down with DRM, he just whips out his phone and makes a movie.
Do you seriously think that it should be illegal to do what my 8 year old does effortlessly with his toys? I sure hope law enforcement has better things to do than discipline my 8 year old!
[ link to this | view in chronology ]
Re:
None of this is new. Police work has ALWAYS had these problems. What is new though, is that police have access to more information on any suspect today than at any time before in history.
Going dark is Comey-speak for a return to how police investigated crimes in the 1980s and 1990s. And you'll notice, there were no problems convicting people in courts in those decades.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Turn about
[ link to this | view in chronology ]
If it's a legal tool, why not use it? The local community should be the ones to decide if it's a good use of funds.
[ link to this | view in chronology ]
Re:
[ link to this | view in chronology ]
Re: Re:
The Techdirt editorial creates a bit of confusion on this point. Yes, the police ought to be treating this as a Fourth Amendment search, with all the protections and process that requires (warrant, probable cause, particularity of the warrant, etc.). However, if they treat it as such (and admittedly, there is no evidence that they do, or that they have rules telling them to do so, or that they face any meaningful penalty for not doing so), it makes sense that they ought to perform lawful searches whenever feasible, since the preconditions here (particularly the precondition of probable cause) assume that they are not just cracking everything in sight. In practice, their strong aversion to Fourth Amendment protections suggests they cannot be trusted with the tools to crack any phone.
Your example of a traffic stop is a good one. There is no reason that the traffic stop should give them the legal blessing to perform a full vehicle teardown. You started from the assumption that they had some suspicion that some crime might have been committed, and would then leverage that into a full search for unrelated criminality. Grandparent started from the assumption that they had a legal blessing for their actions (a valid warrant that includes the phone in the list of places to search) and questioned why not search everywhere that the warrant entitles them to search.
[ link to this | view in chronology ]
Re: Re:
See, they might have been speeding because they were fleeing the scene of a crime and there might be evidence of the crime on a phone in the car.
Then again, if they were driving a safe and legal manner it might be because they are trying to avoid calling attention to themselves because they are actually fleeing the scene of a crime and there might be evidence of the crime on a phone in the car.
So, as you can see, the gods, I mean cops, need to be able to search anyone's phone at any time, because you just never know what they may be hiding.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Would this include eating a lot of beans?
[ link to this | view in chronology ]
Re: Re:
Oh, no, don't do that, unless you want to possibly spend a long time in prison. People have been charged with being a terrorist or felony assault on a police officer by "chemical attack" for farting.
[ link to this | view in chronology ]
Sounds like an "unreasonable search and seizure" to me
[ link to this | view in chronology ]
[ link to this | view in chronology ]
Re:
Isn't god supposed be able to see and know everything?
[ link to this | view in chronology ]
But you were jaywalking!
[ link to this | view in chronology ]