Law Enforcement Official Claims Citizens Use Better Encryption Than Cops Do
from the when-you-don't-understand-the-subject-but-think-you-should-offer-an-expert-o dept
Arguing against encryption is a popular law enforcement pastime. The problem is there really aren't many good arguments to be made against the use of encryption, so people like Attorney General Bill Barr and FBI Director Chris Wray have to summon up apocalyptic scenarios or beat down straw men of their own creation to score points for their side.
Given that the anti-encryption side is loaded with disingenuous intentions, it's really no surprise to see statements being made by law enforcement officials that are either stupid or lies… or maybe some combination of both. A recent NPR discussion of calls to end encryption features a real gem from an official representing a Tennessee law enforcement agency.
[NPR Host Martin] KASTE: There's been a lot of media attention lately on the FBI showdowns with Apple about opening iPhones used in terrorism. But those situations are relatively rare, given that the feds often have other ways of getting information. What's more common is that end-to-end encryption is frustrating local law enforcement - people like Cpt. Clay Anderson.
CLAY ANDERSON: It comes into play at least probably once or twice every single week.
KASTE: He supervises investigations for the sheriff's office in Humphreys County, Tenn. They get a lot of cases involving sexual exploitation - predators grooming minors via online messaging.
ANDERSON: In those cases, you run into dead ends because you can't get past encryption. I mean, who needs that type of encryption other than maybe the military with some type of sensitive operation that they're doing? You know, we don't even in law enforcement use encryption like that.
First off, YES, law enforcement uses encryption like that. Do officers carry smartphones? Then they're using "encryption like that." Are the sheriff office's internal communications and on-site databases encrypted? Then they're using "encryption like that." How about the laptops in their vehicles? I sincerely hope those are protected by "encryption like that."
"Encryption like that" apparently refers to encryption law enforcement can't break easily. In other words, encryption law enforcement doesn't have the passwords to. There's no "military-grade" encryption. Either encryption works or it doesn't. It's not a matter of "grades." These words might sound meaningful to people not familiar with encryption, but they're meaningless to anyone with the slightest familiarity with the subject.
"Military grade" meant something nearly 30 years when the government restricted the export of encryption methods that couldn't easily be broken by US agencies. The explosion of consumer products (computers, smartphones) that has occurred since that point has rendered the line between "consumer" and "military-grade" encryption nonexistent.
The military uses the same encryption consumers do. Captain Clay Anderson's parroting of Bill Barr's idiotic talking points suggesting device manufacturers start using a dumbed-down encryption method for consumer electronics is just that: idiotic. To compromise encryption millions of consumers use would also compromise the encryption the government (home of "military-grade") uses, as Bruce Schneier points out.
The thing is, that distinction between military and consumer products largely doesn't exist. All of those "consumer products" Barr wants access to are used by government officials -- heads of state, legislators, judges, military commanders and everyone else -- worldwide. They're used by election officials, police at all levels, nuclear power plant operators, CEOs and human rights activists. They're critical to national security as well as personal security.
Hopefully, Captain Anderson is just ignorant. Hopefully his officers and his department are making full use of "encryption like that." To do otherwise would be irresponsible. Or maybe Anderson is just upset he can't get all the evidence he needs by sitting at his desk. He doesn't really seem to be the best choice for investigating crimes against children.
In early September 2012, Jackie Little went to investigators with the Humphreys County Sheriff’s Office to report that she had been raped by three men.
In recorded video of her interview, Sheriff Chris Davis can be heard vowing to investigate while sitting in a room with the detective assigned to the case, Clay Anderson.
“If they’ve done this to you, we’re going prosecute them. We’re going to prosecute them wide open,” Davis said.
But our investigation found Anderson never even attempted to gather DNA evidence, didn’t seek out one piece of potential video and interviewed the three suspects several months after the rape was reported.
Anderson was twice recommended for termination by other law enforcement agencies, but resigned before termination could occur, leaving him free to join this department and add his, um, "skills" to their investigatory unit. Now, he's the regional face of "going dark" and his arguments are proving to be just as questionable as his law enforcement career.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: clay anderson, encryption, law enforcement
Reader Comments
Subscribe: RSS
View by: Time | Thread
'I didn't get this job to do work damnit!'
ANDERSON: In those cases, you run into dead ends because you can't get past encryption.
...
But our investigation found Anderson never even attempted to gather DNA evidence, didn’t seek out one piece of potential video and interviewed the three suspects several months after the rape was reported.
Pretty sure the major stumbling block to any investigations he's involved in are probably not on the device end of the equation if that is how he treated a rape investigation, with any encryption likely being used as nothing more than an excuse for why they aren't doing anything.
Far more horrifying however is how utterly vile or at the very least grossly indifferent the department that hired him has got to be if his history included that and 'resigned after two recommendations that he be fired' wasn't enough to keep them from deciding that they really wanted someone like that on the force.
[ link to this | view in chronology ]
Re: 'I didn't get this job to do work damnit!'
Essentially anderson's "investigation" - and I use that term only by stretching the definition of it - seems to consist of ignoring every step of basic investigation and then try to metaphorically save his bacon by claiming the coins he tossed down a wishing well didn't result in him spontaneously running into perpetrators wearing signed confessions pinned to their foreheads.
After a proven record of incompetence, he now feels compelled to comment - erronoeusly - about the tech tools available to his department?
I can't dismiss the possibility that Barr has been looking all over for cops willing to "support" his crusade against encryption with grass-roots "testimony". And found...Captain Anderson, probably while scraping the slime in the bottom of the barrel.
[ link to this | view in chronology ]
Typo
"The problem is there really aren't many good arguments to be made against the use of encryption..."
The problem is there really aren't any good arguments to be made against the use of encryption.
Fixed!
[ link to this | view in chronology ]
Paranoia may destroy ya
Governments are the most paranoid of anyone or anything on the planet.
[ link to this | view in chronology ]
Re: Paranoia may destroy ya
What do you expect when the people you work with will bury a knife in your back if it increases their power.
[ link to this | view in chronology ]
Nothing Like Pulling Random Stats Out of Your Ass
"It comes into play at least probably once or twice every single week."
Citing the frequency of his bowel movements accounts for why he's usually so full of shit.
[ link to this | view in chronology ]
Selective use of comparative firepower
I have only very rarely heard of law enforcement using this argument to discuss firearm restrictions. In fact, living in a rural area it is exactly the opposite. It is very telling that law enforcement seems to be more focused on how people use their constitutional rights to express themselves than on how far they push the 2nd amendment.
[ link to this | view in chronology ]
Better encryption..
Of course we citizens have better encryption than law enforcement. We don't have qualified immunity, deferential politicians and courts, unions, and fellow people all working together to ensure that only the most flagrant of violations is made public or punished.
[ link to this | view in chronology ]
"Encryption like that"
Do they use Windows PCs? Do they turn on BitLocker? Then they ARE using "encryption like that".
[ link to this | view in chronology ]
Minor tweak
Law Enforcement Official Claims Citizens Use Better Judgement Than Cops Do
[ link to this | view in chronology ]
Sounds like he's just ignorant of the encryption he uses, like many of the people out there similarly ignorant of their use of it. I'd wager most of us trust vendors to leverage best practice security on our behalf. He's only aware of other people's security because he's acting as the adversary being successfully protected against.
[ link to this | view in chronology ]
"You know, we don't even in law enforcement use encryption like that."
If civilians, using things created by civilians, have greater access to tech than you do, maybe the civilians aren't the problem. Maybe you should be asking exactly what your limited budgets are being spent on if everyone else can get better stuff for free. Especially since most ordinary people are using the tech to protect against the same criminals you're supposedly fighting against.
[ link to this | view in chronology ]
https://wreg.com/news/tn-detective-investigating-rape-admits-he-didnt-gather-evidence/amp/
[ link to this | view in chronology ]
We have better guns and armor, too.
[ link to this | view in chronology ]
Re:
Unless you have an MRAP in your garage and fully automatic weapons I think you may be misinformed.
[ link to this | view in chronology ]
It depends on the county
Rural families tend to have high-powered (.306 or .308) rifles handy which are longer ranged and better quality than the assault rifles that are issued to police (unless we're talking about the snipers particular to metropolitan SWAT teams).
To be fair, an AK-47 is preferred by many American soldiers over the Armalite-based guns on the field, and an AK clip of 7.62×39mm ammo is a common addition to muster for those sent into hot-zones where AKs are used by the enemy. Largely, they require much less maintenance than GI.
Depending on the county, body armor that stops the 5.56×45mm NATO round is illegal for civilians to own. Not that it helps much; a hit to body armor may keep its wearer alive, but it will certainly put an end to his day.
[ link to this | view in chronology ]
Re: It depends on the county
"Rural families tend to have high-powered (.306 or .308) rifles handy"
Did you mean .30-06?
I had not heard of a .306.
[ link to this | view in chronology ]
Thirty-Aught-Six
That's the one.
[ link to this | view in chronology ]
Re: It depends on the county
"To be fair, an AK-47 is preferred by many American soldiers over the Armalite-based guns on the field..."
Can't blame them. you fight a war anywhere other than in an urban zone free of dust and water you spend almost as many hours cleaning your weapon than you do marching with it.
Meanwhile in the desert someone can shake the sand out of an old AK-47 which has been laying in a dune for 20 years and start using it without problems.
[ link to this | view in chronology ]
Assault rifles
The US military never really took assault rifles seriously. The M1 Garand was really good in WWII and Korea. And the Corpsmen I talked to that used the M14 in Vietnam invariably preferred it over the M16. That and introducing a shorter-cartridge assault rifle was a logistics nightmare because it was yet another supply chain that needed to be maintained.
So why'd we do it?
War logic. Our generals like our machine gun emplacements which were doing a lot of the heavy lifting. Way more proportionally than single man rifles. They revised squads to feature three machine gun teams rather than one.
For a while the generals imagined infantry squads wouldn't bother with standard infantryman rifles, relying only on the machine guns and snipers, but they realized the ordinary riflemen wouldn't stand for being issued just a handgun. The (plastic, not oak) M16 assault rifle was, in the minds of the brass, a compromise.
Meanwhile, Kalashnikov invented pretty much the best general-issue infantry weapon one could hope for, which dominates battlefields worldwide to this day.
[ link to this | view in chronology ]
Re: Assault rifles
"War logic. Our generals like our machine gun emplacements which were doing a lot of the heavy lifting..."
"...The (plastic, not oak) M16 assault rifle was, in the minds of the brass, a compromise."
A weapon which fulfilled neither the criteria of reliability and accuracy nor the promise of greater firepower. Yeah, i can see the "compromise" right there. Unless I'm very much mistaken, the first thing every soldier is taught is to keep his rifle on semi-auto 95% of the time as well.
There is some justification. The US habit in WW2 of bolting a .50 caliber machine gun to any moving platform capable of taking the recoil did add force multipliers against anything encountered this side of actual tank platoons. The emergence and success of the grease gun and the MP-40 SMG's in trench and city warfare added to the perception that full auto was the way any soldier needed to go.
But as you pointed out, it's "war logic". The M-16 doesn't fulfill any of the criteria for a dedicated specialist and remains a flimsy unreliable pita for the average private. Leaving the AK - and other brands dedicated to reliability, to remain the preferable field weapon. The early M-16 variant's tendency to backfire, launching the firing pin into the skull of the wielder, probably didn't add much to it's popularity.
[ link to this | view in chronology ]
Re: It depends on the county
You can still fire an AK-47 after its been in the drink muddy and dried dirt without it jamming. It also cools quicker.
[ link to this | view in chronology ]
Re: Re: It depends on the county
People have dug AK-47's out of desert sand where they'd been resting for 40+ years. Usually just shaking the sand out has them fully operational.
[ link to this | view in chronology ]
Anyone else remember when cops used to be able to actually investigate crimes, instead of pushing a couple of buttons and letting computers do all their work for them? It's almost as if they don't know what to do if the evidence isn't presented to them on a computer screen.
[ link to this | view in chronology ]
Re:
cops dont investigate..Detectives do..
Cops do as they are told to do..
[ link to this | view in chronology ]
This sounds like a semantics matter.
I'm pretty sure even beat officers are given a minimum amount of situation-assessment training, even if they aren't able to do forensic analysis (few can) they can take witness testimony and assess who did what to whom. They're supposed to, at any rate.
More and more, the courts are deciding that the fourth amendment applies to the contents of cell phones, that they cannot be searched without a warrant. Also the fifth amendment in that a suspect cannot be forced to unlock his own phone. (Of course all this gets thrown out the window if evidence for a sufficiently severe crime is uncovered through illegal means)
This all is a good thing (while it lasts), since dissent against The Party is likely to be criminalized within the next decade.
[ link to this | view in chronology ]
Re: Re:
Except that not every department has a detective. Smaller departments it is the patrol officers that do the investigations.
[ link to this | view in chronology ]
"I mean, who needs that type of encryption?"
Every business, ever.
[ link to this | view in chronology ]
Re: "I mean, who needs that type of encryption?"
Also, journalists, whistleblowers, undercover operatives, people under witness protection, anonymous or pseudonymous activists, detectives/PIs, victims of stalking and/or domestic abuse, writers communicating with publishers, politicians, celebrities, consultants, anyone involved in any field in medicine, lawyers, people who consult lawyers… Actually, it’s pretty much anyone.
[ link to this | view in chronology ]
"journalists, whistleblowers, undercover operatives..."
While I entirely agree, I suspect Captain Clay Anderson might not be able to comprehend a list that long. But then he might also not be able to understand why businesses as a matter of course need data security.
[ link to this | view in chronology ]
Re: "journalists, whistleblowers, undercover operatives..."
Yeah, he doesn’t seem to comprehend the concept that anyone outside the military might have some lawful communications/data that they have lawful reasons (and in some cases are legally required) to keep extremely secure from some other person or entity who may be or employ a very adept hacker capable of bypassing any encryption that’s sufficiently weak (even if the encryption isn’t actually that weak). The people who hack the military have the same tools, knowledge, experience, and capabilities as people who hack literally anyone else, so unlike with weapons, armor, vehicles, or sensors, there’s no reason to expect that the dangers to the military necessitate stronger encryption than civilians would need.
He also seems perplexed that most LEOs use devices with the exact same encryption as anyone else, or that evidence can be found outside of electronic data stored specifically on the suspect’s device. So yeah, Captain Clay here probably wouldn’t be able to comprehend why businesses would regularly need strong data security.
[ link to this | view in chronology ]
how to tear this apart?
this is local law enforcement:
CLAY ANDERSON: It comes into play at least probably once or twice every single week.
KASTE: He supervises investigations for the sheriff's office in Humphreys County, Tenn. They get a lot of cases involving sexual exploitation - predators grooming minors via online messaging.
Wow, you get a complaint from an Adult, about someone taking to your kid..
There are already a few groups doing this to TRACK these people...And he Cant figure it out???
[ link to this | view in chronology ]
Maybe the cops should get smarter people in the purchasing dept.
[ link to this | view in chronology ]
Is he saying that P25 is weak?
[ link to this | view in chronology ]
Re:
"Is he saying that P25 is weak?"
I think he's saying that "Technology bad, Herp Derp."
His prior records show he probably wouldn't know the right button to push on his walkie-talkie, let alone the finer details of digital radio encryption.
[ link to this | view in chronology ]
[ link to this | view in chronology ]
In this case stupidity = malice
It's a known consistent observation on TD that people will stay ignorant if their paycheck depends on that ignorance.
But then, paid ignorance is malice.
[ link to this | view in chronology ]
Encryption, like many other tools are only as good as how they're used, or even if they're used. Take another security product for example: backups. The best backup technology in the world does no good if don't have a good backup regimen.
For them to lament against "encryption like that" is genuine, even if not in the way they intend it to be. The average Joe or Josephine has an owners manual, some online help files, and maybe a tech support hotline or community forum, to help them implement security on their devices.
What does the government have? Whole buildings full of trained security staff, available at a moment's notice. Reams of extensively researched best practices, policies and mandates for implementation of protective measures on department-supplied hardware. Incident teams to immediately respond to breaches.In other words, they have an army of nerds to deal with the hardening issues that the regular user can't be bothered with. Most wouldn't even know where to start protecting themselves.
They certainly have the resources to acquire infiltration technologies from the private sector. And no matter how poorly funded a CSI lab is, it's still far more capable than the garden-variety smartphone user.
When they say they don't have "encryption like that", well, in a sense, they're right. They have much more.
[ link to this | view in chronology ]