New Report Shows Cellphone Encryption Isn't Really Stopping Cops From Searching Phones
from the complaining-that-99%-access-isn't-100%-access dept
We're still hearing quite a bit about law enforcement's supposedly endless string of losses to criminals and their device encryption. Citing facts not in evidence, consecutive FBI directors -- along with outgoing Attorney General Bill Barr -- have claimed the implementation of encryption has pretty much made it impossible to successfully prosecute criminals.
We know this isn't true for several reasons . . A new report shows just how little of an effect device encryption has had on law enforcement efforts. Some of the report's highlights are touched on by Lawfare's Susan Landau. We've heard the complaints encryption is keeping law enforcement out of seized cellphones. The reality is much more worrying. Not only is encryption not much of a barrier, but law enforcement tech allows investigators to access pretty much everything before trimming it down to what's been asked for in warrant affidavits.
These forensic tools are quite sophisticated. FBI Director Christopher Wray once complained that “warrant-proof encryption,” like that used on iPhones, prevents law enforcement access to crucial evidence. But Upturn found that the forensic tools copy all the data found on a cellphone. The tools then sort the data so that law enforcement can easily search through it. And MDFTs include some features that make law enforcement’s job even easier. For example, Cellebrite, perhaps the most sophisticated MDFT, can compare a facial image, such as from a police database, to any of the faces in photos stored on the phone. Others MDFTs classify text conversations by topic, such as drugs, money or family.
The MDFTs work on a variety of sophisticated phones. Cellebrite says it can extract data from “all iPhone devices from iPhone 4S to the latest iPhone 11 / 11 Pro / Max running the latest iOS versions up to the latest 13.4.1.” The company claims to be able to handle even locked iPhones and Android devices.
"Going dark" is nothing more than rhetoric. The reality is encryption isn't much of a roadblock. The report by DC think tank Upturn shows there's little standing in the way of law enforcement forensic extractions, no matter how much federal officials claim otherwise. The business of cracking/scraping phones is largely automated -- plug-and-play invasive searches that pretty much ignore efforts owners might make to secure their devices against government intrusion.
Mobile device forensic tools (MDFTs) are so powerful, Upturn recommends the ban on consensual searches of cellphones, given what investigators can access when they're deployed. . . .People may think these powerful tools will only be aimed at the worst criminals -- drug kingpins, child molesters, financial services firms, etc. BUT THEY'RE NOT. They're used for everything because they're cheap, easy, and convenient.
Law enforcement use these tools to investigate not only cases involving major harm, but also for graffiti, shoplifting, marijuana possession, prostitution, vandalism, car crashes, parole violations, petty theft, public intoxication, and the full gamut of drug-related offenses.
. . . Our records show that at least 2,000 agencies have purchased a range of products and services offered by mobile device forensic tool vendors. Law enforcement agencies in all 50 states and the District of Columbia have these tools. Each of the largest 50 police departments have purchased or have easy access to mobile device forensic tools. Dozens of district attorneys’ and sheriff’s offices have also purchased them. Many have done so through a variety of federal grant programs. Even if a department hasn’t purchased the technology itself, most, if not all, have easy access thanks to partnerships, kiosk programs, and sharing agreements with larger law enforcement agencies, including the FBI.
So, there's plenty of access. Funding isn't a problem. Vendors have solutions that scale because there's plenty of access and plenty of funding. But the complaints continue. And the complaints continue despite how much is being extracted with each deployment.
MDFTs pull every photo on the device, extracting metadata that shows when and where photos were taken. It pulls data from every app that generates it, including location data, which allows law enforcement to track movement without a warrant. The extraction tools can also pull deleted data, allowing investigators to perform digital trash pulls for additional evidence. . .
Then there's the third parties themselves. While the FBI and others complain about a lack of access, any data/communications stored by cloud services can be recovered without having to deal with device encryption.
The wealth of data available to law enforcement allows them to engage in fishing expeditions for evidence of other crimes. The only thing stopping them is the courts, so it's worth their while to dig through everything, considering the worst case scenario is a dismissed case, rather than fines, fees, sanctions, or anything else that might hurt them more directly.
A city or state might ban facial recognition searches, but cops can still do this without violating the specifics of the ban, thanks to built-in tools
> They can also look for anything else conceivably incriminating (or titillating) without having to screw with their tools' default settings.
> There's another "war" at play here -- one that's rarely referenced by law enforcement officials. Every vendor wants more customers, so they're always improving their tech. The healthy competition makes tools more powerful while dropping their price, ensuring equal access for law enforcement agencies across the nation. The public records obtained by Upturn show there's not a single state in the Union that doesn't have access to forensic tools capable of cracking or bypassing encryption. Funding isn't an issue, given the federal government's interest in making encryption a non-issue.
That means there's thousands of extractions a year --
There is no going dark. If legislators want to believe there is, they're going to have to do so by ignoring all the evidence to the contrary. What law enforcement wants is convenience -- the ability to crack open phones without having to hook them up to a machine or beat the submission out of an arrestee. The options are there and agencies are obviously using them. Every argument that says encryption is locking law enforcement out is not just disingenuous -- it's dishonest.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: access, doj, encryption, fbi, going dark, law enforcement, prosecutors
more
No comments:
Post a Comment