FBI director lashes out at Apple, Google for encrypting smartphones

26 Sep, 2014 17:03 / Updated 10 years ago

The companies responsible for powering nearly 95 percent of the smart phones in the United States say they’re embracing encryption for the sake of their customers’ privacy, and that’s concerning to the head of the FBI.

On Thursday this week, FBI Director James Comey attacked recent reports regarding both Apple and Google’s efforts to provide customers of their respective operating systems with the ability to secure data with encryption unlike anything previously available for mainstream mobile devices: Apple claims that even its own Palo Alto, California engineers can’t crack into locked phones running the iOS 8 platform released this month, and Google says its new Android devices will offer data encryption by default.

Speaking to reporters during a briefing in Washington on Thursday, Comey outright complained about the companies’ announcements and insisted that their efforts will severely hinder law enforcement operations.

"There will come a day -- well it comes every day in this business -- when it will matter a great, great deal to the lives of people of all kinds that we be able to with judicial authorization gain access to a kidnapper's or a terrorist or a criminal's device,” the Huffington Post quoted Comey as saying. “I just want to make sure we have a good conversation in this country before that day comes.”

“I'd hate to have people look at me and say, 'Well how come you can't save this kid,' 'how come you can't do this thing,’” he added.

Unfortunately for the Obama-appointed head of the FBI, however, that day may have already come and gone, at least with respect to Apple. Upon release of the company’s latest operating system last week, Apple said in a statement that “personal data such as photos, messages (including attachments), email, contacts, call history, iTunes content, notes and reminders is placed under the protection of your passcode,” adding, “Apple cannot bypass your passcode and therefore cannot access this data.”

“So it's not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8,” Apple said.

On Sept. 18, Google announced they’d be adopting now security-minded practices as well. “For over three years Android has offered encryption, and keys are not stored off of the device, so they cannot be shared with law enforcement,” spokeswoman Niki Christoff said to the Post. “As part of our next Android release, encryption will be enabled by default out of the box, so you won't even have to think about turning it on.”

According to a recent study conducted by digital pollsters comScore, Android and Apple control a 52.1 percent and 41.9 percent share of the market, respectively, with regards to operating systems in the US as of May 2014.

Big names from within the FBI and Justice Department at large have previously spoken out about the federal government’s desire to eavesdrop on conversations conducted in the digital realm, be it on websites or with text messages sent between cell phones, but Comey’s latest remarks may be the most direct yet to come from an individual as high up in the executive branch.

"I like and believe very much that we should have to obtain a warrant from an independent judge to be able to take the content of anyone's closet or their smart phone," HuffPo quoted Comey. "The notion that someone would market a closet that could never be opened -- even if it involves a case involving a child kidnapper and a court order -- to me does not make any sense."

"Google is marketing their Android the same way: Buy our phone and law-enforcement, even with legal process, can never get access to it," he said.

According to the Washington Post, Comey told reporter that he said he could not understand why companies would “market something expressly to allow people to place themselves beyond the law” — a quip that quickly attracted criticism.

“Um, what ‘law’ is that?” Hanni Fakhoury, a former federal public defender who currently works as a staff attorney for the Electronic Frontier Foundation, tweeted on Thursday.

“It’s disappointing that the FBI has chosen to focus on examples where encryption might potentially slow hypothetical investigations, while ignoring the fact that strong, reliable encryption is the only way we have to prevent a wide range of very real and very serious crimes,” Matt Blaze, a computer security researcher and professor at the University of Pennsylvania, told the Associated Press. “We rely on smartphones to manage and protect more and more aspects of our business, personal and financial lives."

Indeed, the American Civil Liberties Union’s chief technologist, Christopher Soghoian, wrote on Twitter on Thursday that “it wasn’t so long ago that top FBI officials were advising people to encrypt data to protect it from hackers,” along with a link to remarks made by then-FBI Executive Assistant Director Shawn Henry about “some of the most critical threats facing our nation” in 2011.

FBI director claims Apple/Google encryption allows people to place themselves "above the law;" um what "law" is that? http://t.co/YXShkWcWIo

— Hanni Fakhoury (@HanniFakhoury) September 25, 2014

It wasn't so long ago that top FBI officials were advising people to encrypt data to protect it from hackers. http://t.co/ahFjCJSBkj

— Christopher Soghoian (@csoghoian) September 26, 2014

Managing the consequences of a cyberattack entails minimizing the harm that results when an adversary does break into a system,” Henry said at the time. “An example would be encrypting data so the hacker can’t read it, or having redundant systems that can readily be reconstituted in the event of an attack.”

In the three years since those remarks were first made, however, the revelations concerning the US National Security Agency’s widespread surveillance programs has prompted an increasing amount of people worldwide to adopt standards intended to protect themselves against eavesdroppers, be they government agents or otherwise. Leaked NSA documents have shown that government agencies have adopted spy practices that may range from tapping into data sent to Google’s massive server warehouses to breaking into iPhones with a 100 percent success rate, the likes of which have been attributed with the marketing of ultra-secure mobile devices as well as a surge in the number of people turning to online anonymity solutions, such as the Tor browser.

As Georgetown University law professor Orin Kerr told the Washington Post, however, the FBI wants to be able to pry into the phones and ergo the lives of Americans — but first with an individualized order, and not a blanket issue like the kind that lets the NSA sweep up phones records of millions of Americans on a regular basis.

"The outrage is directed at warrantless mass surveillance, and this is a very different context. It’s searching a device with a warrant,” Kerr told the paper.

Earlier this year in July, the US Supreme Court ruled that police, in most circumstances, must get a search warrant before they can scoop up data from cellphones. Los Angeles Police Department Detective Brian Collins told the Washington Post this week that he does forensic analysis on about 30 smartphones a month for the LAPD’s anti-gang and narcotics investigations and fears being unable to further aid law enforcement if Apple, Google and other tech companies increasingly turn towards encryption.

“I’ve been an investigator for almost 27 years,” Collins said, “It’s concerning that we’re beginning to go backwards with this technology.”

“Apple will become the phone of choice for the pedophile,” John J. Escalante, the chief of detectives for Chicago’s police department, added to the paper. “The average pedophile at this point is probably thinking, I’ve got to get an Apple phone.”