WASHINGTON, December 11, 2019 - Lawmakers remain concerned about law enforcement’s inability to access highly encrypted devices for investigations. Tuesday’s Senate Judiciary Committee hearing questioned some representatives from big tech on the matter.
This isn’t going to be a world where social media is a haven for child abusers and other criminals, said Committee Chairman Lindsey Graham, R-S.C. Big tech can be either the problem or the solution to this dilemma, but they need to take action on encryption. Otherwise, Graham said, these companies face repercussions from Congress.
When a crime is committed, said Ranking Member Dianne Feinstein, D-Calif., it is imperative that these devices be opened. The tech industry has a responsibility to respond to law enforcement’s concerns, she said, and that determines the degree of congressional action.
Sen. Dick Durbin, D-Ill., inquired about how encrypted information is affected under the Children's Online Privacy Protection Act. Obtaining this information is not only about deterring hackers or foreign actors, he said, but it is about the government protecting children.
Because of Section 230 of the Communications Decency Act, said Sen. Richard Blumenthal, D-Conn., big tech uniquely enjoys immunity from legal action. Sen. Sheldon Whitehouse, D-R.I., added that these companies seem to profit off encryption, yet they are unwilling to take responsibility for the negative effects they might incur.
Representatives from tech companies included Erik Neuenschwander, manager of user privacy at Apple, and Jay Sullivan, product management director for privacy and integrity at Facebook’s Messenger. They emphasized that their respective companies are actively working to ensure safety and security across devices.
Encryption is one of the most important mechanisms a nation has in order to safeguard an increasingly interconnected future, Neuenschwander said. Currently, Apple doesn’t have the ability to retrieve encrypted information off a device. However, he said, that means malicious actors also do not have access to that personal data.
Neuenschwander also added that Apple works closely with law enforcement and government agencies, receiving thousands of requests. Apple’s team has also trained law enforcement officers in the U.S. and around the world on its security processes.
Most Facebook’s methods to combat malicious actors, Sullivan said, are behavioral and based off social interaction. Facebook does not sell or share minors’ data to third parties, and Facebook does not use private messages for targeted ads or other algorithms, he said.
End-to-end encryption is the best technology available to make messages safe and secure, Sullivan continued. If the United States rolls back its support for privacy and encryption, foreign application providers will fill that vacuum to provide the privacy and security that people demand.
Tech companies have no external incentive to mandate the regulation of encrypted devices, said Prof. Matt Tait, cyber security fellow at the Lyndon B. Johnson School of Public Affairs. Encryption hinders law enforcement in three ways: device searches, which are impacted by a user passcode, traditional wiretaps, which are impacted by end-to-end communications and cyber tips, where companies can alert law enforcement of known child abuse material.
Options exist for conducting wiretaps and retaining cyber tips without altering encryption, Tait said. Only device encryption is amenable to a “front door” access mechanism.
New York City District Attorney Cyrus Vance was also on the panel, and he reiterated that law enforcement has lost functionality due to encrypted devices.
Apple and Google have engineered their phones to no longer have the capacity to be unlocked without encryption, he said. Vance said officers can only access about half of the encrypted phones that come into the DA's office.
Encrypted material should not go beyond the law when a judge signs a search warrant, Vance said. For their own private business interests, the Fourth Amendment grants a right to not only privacy but to anonymity.
Vance emphasized that law enforcement officials having access to the cloud is not a suitable substitute for lawful access to a device. The cloud only stores data that has been saved. Moreover, a user can opt not to backup particular data to the cloud. The device itself, he said, contains the most critical evidence.
- Big Tech’s Response to Coronavirus: Face Masks, Hiring Binges, Free Web Sites and Cash Donations
- Democrats Call for New Infrastructure Stimulus Legislation Includes Large Broadband Provision
- The FCC Could Do More Now About the Digital Divide, Say Panelists at Broadband Breakfast Live Online Event
- Coronavirus Roundup: Senators Urge Distance Learning, Zoom Privacy, NTIA Broadband and RUS Grants
- Federal Communications Commission Proposal for Unlicensed Spectrum in 6 GHz Band Widely-Praised
Signup for Broadband Breakfast
Health4 weeks ago
Battling Coronavirus COVID-19, Broadband Could Provide Relief Although Telemedicine May Not Help
Health3 weeks ago
Broadband Breakfast Live Online Will Stream Daily in March on ‘Broadband and the Coronavirus’
Net Neutrality1 month ago
FCC Seeks Comment on Net Neutrality Issues Remanded by Appeals Court: Public Safety, Pole Attachments and Lifeline
Section 2301 month ago
Attorney General Bill Barr Calls for ‘Recalibrated’ Section 230 as Justice Department Hosts Tech Immunity Workshop
Artificial Intelligence1 month ago
U.S. Progress on AI and Quantum Computing Will Best China, Says CTO Michael Kratsios
Antitrust1 week ago
Information Technology and Innovation Foundation Brings Global Antitrust Experts Together in Videoconference
Broadband Mapping2 weeks ago
Commerce Department’s NTIA Details Its New-Found Progress in Broadband Mapping Technology
Broadband Mapping & Data1 month ago
Poor Broadband Maps and Lack of a Consolidated Voice Hinder Advocacy for Better Rural Internet