FBI Says It Can't Get Into 6,900 Encrypted Phones. So What?
from the doing-less-with-more dept
The new director of the FBI, Christopher Wray, has apparently decided to take up James Comey's anti-encryption fight. He's been mostly quiet on the issue since assuming the position, but the DOJ's recent calls for "responsible encryption" has emboldened the new FBI boss to speak up on the subject.
And speak up he has. Although the FBI still hasn't released the text of his remarks to the International Association of Chiefs of Police, more than a few sites are reporting it was the usual "go team law enforcement" boosterism, but with the added zest of phone encryption complaints.
He also spoke about roadblocks in dealing with cellphone encryption technology, saying that in first 11 months of the fiscal year, the FBI has been unable to access content from 6,900 mobile devices despite having the proper legal authority to do so.
"It's going to be a lot worse than that in just a couple of years if we don't come up with some responsible solution," he lamented. "I'm open to all ideas."
All ideas, maybe. But certainly not all viewpoints. The Deputy Attorney General has made it clear in multiple speeches he views phone encryption as the end result of tech companies' low-minded pursuit of revenue. DAG Rosenstein repeatedly emphasized US law enforcement measures success by a different standard -- a standard mercenary phone manufacturers couldn't even begin to approach.
Of course, the FBI head also nodded towards the importance of device security.
"I get it, there's a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe."
But does he actually "get it?" What if the status quo is the ending "balance?" Would that satisfy Wray? Doubtful. He wants law enforcement-friendly security holes and he wants tech companies to provide them voluntarily.
The number of locked devices means nothing. The "6,900 mobile devices" will be 8,000 or 10,000 by early next year -- sound-and-fury totals signifying nothing. It was 6,000 phones when Comey trotted out numbers earlier this year. It will always increase and it will always grab eyeballs but it won't ever mean anything unless the FBI is willing to provide a lot more context.
Is the FBI just spectacularly bad at cracking cell phones? We're not hearing these complaints from local law enforcement agencies with less expertise and lower budgets. Is the FBI just not even trying? Is it not using everything it has available -- including a number of judicial forgiveness plans for rights violations -- to get into these phones? It's inconceivable the nation's top law enforcement agency is experiencing nearly a 50% failure rate when it comes to locked phones.
All Wray says is there are 6,900 phones the FBI hasn't gotten into. Yet. What's never discussed is how many investigations resumed unimpeded by cellphone encryption. Phones are not the sole repository of criminal evidence in any investigation. The FBI has options even if the seized phone seems impermeable. The FBI insinuates it's being stopped, but never specifies how many of these phones have resulted in terminated investigations.
It's just a number, divorced from context, but one the FBI can ensure will always be larger than last time it was mentioned.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: chris wray, context, crime, encryption, fbi, going dark, phones
Reader Comments
The First Word
“Subscribe: RSS
View by: Time | Thread
6900 cases
Proper legal authority? They have 6900 warrants with sufficient specificity to search those phones, or are there 6900 subpoenas that authorize non-specific fishing expeditions issued by some DoJ rubber stamping troglodyte supervisor? Or are these the phones confiscated for having the temerity to cross a border without every single byte in ones possession or that one has access to being exposed?
[ link to this | view in thread ]
Homeland Security
[ link to this | view in thread ]
Re: 6900 cases
Maybe it is that there are 6,900 phones that they are unable to access content from .... maaaybe here's the part they left out ... without using our advanced methods.
[ link to this | view in thread ]
I'd wager the answer is "not many".
[ link to this | view in thread ]
[ link to this | view in thread ]
If it's true, it means that encryption is working as intended.
[ link to this | view in thread ]
I think the real story here is that the FBI seems to be able to acquire the legal authority to access an awful lot of phones. According to some simple Google searches, 67% of people don't even have a password on their phone. Why are they searching so many phones?
[ link to this | view in thread ]
Re: Homeland Security
[ link to this | view in thread ]
Balance?
[ link to this | view in thread ]
Re: Homeland Security
(PRZ) "...Practically no one in the commercial world of cryptography qualified under this criterion!"
(BS) "Yes, and that makes our job at the NSA so much easier"
- Conversation between Philip Zimmermann and Brian Snow, a senior cryptographer with the NSA.
[ link to this | view in thread ]
"Pursuit of revenue"
Let's focus on that: how is phone encryption aiding revenue unless there is a significant ratio of people wanting privacy and not trusting the infrastructure's and/or the government's integrity? Does that mean that a revenue-relevant ratio of tech company customers consists of criminals and/or terrorists?
Or does it rather mean that a revenue-relevant ratio of tech company customers thinks the government cares shit about the Fourth Amendment to a degree that they'd listen in on anything including stuff of private nature without warrant?
If you want to target terrorists and criminals, wouldn't it make more sense to mess with the Second rather than the Fourth Amendment once you decide the Bill of Rights is optional? Obviously, the problem is that that's harder to do in a sneaky and underhanded manner.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
One after the other.
[ link to this | view in thread ]
Re: One after the other.
So long as we use a dictionary other than the one they seem to be using for 'responsible' perhaps.
[ link to this | view in thread ]
Re: "Pursuit of revenue"
The analogy is a little loose, but it's rather like an agency that got busted peeking through every window in every house they could now whining that 'house designers' have built 'closed by default blinds' on the windows.
If 'encryption by default' has become a selling point it's because they made it absolutely clear that it was needed. That if people wanted to protect their privacy they were going to have to do it themselves, as they could not trust the police/government to do so.
[ link to this | view in thread ]
[ link to this | view in thread ]
The FBI are notorious Luddites
Yeah, that's right, the 20th. The FBI only recently switched from having all of their interviews and interrogations recorded by an agent with a pencil and paper tablet. They still refuse to switch to even tape recorders, let alone digital recorders, for all such recordings -- they claim the paper and pencil method is somehow more accurate and less prone to error, though they won't or can't say how.
The majority of FBI agents have a very extensive history of simply behind incapable of comprehending modern technology -- there was a book about it back in the 1990s, called The Hacker Crackdown, which is available online for free. They haven't improved much since then. The sheer Keystone Kops absurdity of how the feds acted, combined with the astounding constitutional violations, mean that many people refuse to accept it could possibly be a work of non-fiction, and shelve it accordingly in libraries.
[ link to this | view in thread ]
[ link to this | view in thread ]
Re:
[ link to this | view in thread ]
Re:
Gun control isn't responsible. Gunplay is.
[ link to this | view in thread ]
Re:
They didn't. At all. That's why prisons were completely empty before smartphones were invented, they couldn't successfully convict anyone due to lack of evidence.
It was only once smartphones really hit the market that prosecutors and investigators finally had a way to find incriminating evidence, and now they're upset that the Golden Era of Law Enforcement might be coming to a close, that the narrow window where they could at last successfully prosecute someone might be ending, and naturally they're upset about it.
[ link to this | view in thread ]