The raging debate over encryption between U.S. law enforcement and the technology industry is misguided, according to a new study. The claim that investigators are “going dark” must be weighed against a new generation of products has made it possible for police to track people like never before.
WhatsApp, Apple iMessage and a growing range of technology products come with baked-in encryption, which ensures that an email or text message is viewed only by the sender and intended recipient. Tech companies have asserted that encryption is a necessary step forward in a world that’s rife with data breaches, though the FBI and other top law enforcers say encryption makes it easier for terrorists and criminals to communicate in secret.
The debate ignores the fact that police and spy agencies have access to a range of new technologies that are “being packed with sensors and wireless connectivity,” according to a report published Monday by the Harvard Berkman Center (PDF).
The report’s authors, including a range of cryptographers, former Obama administration officials, technologists and law professors, set out to examine whether FBI Director James Comey was right when he said the increased use of encryption meant law enforcement was “going dark” when tracking terrorist suspects.
“There are and always will be pockets of dimness and some dark spots – communications channels resistant to surveillance – but this does not mean we are completely ‘going dark,’” the report notes. “Some areas are more illuminated now than in the past, and others are brightening.”
Those areas include a Samsung smart TV that’s implanted with a microphone designed to collect customers’ voice recordings and a range of internet-connected home products that make it possible for hackers, or investigators, to know an individual’s location. Former National Security Agency Director Michael Hayden and other former government officials have also said metadata is unencrypted, making it possible for police and government agencies to monitor whom a suspect communicates with, how often, for how long, and other sensitive information.
“From the national security perspective, we must consider whether providing access to encrypted communications to help prevent terrorism and investigate crime would also increase our vulnerability to cyber espionage and other threats, and whether nations that do not embrace the rule of law would be able to exploit the same access,” the report states.
“At the same time, from a civil liberties perspective, we must consider whether preventing the government from gaining access to communications under circumstances that meet Fourth Amendment and statutory standards strike the right balance between privacy and security, particularly when terrorists and criminals seek to use encryption to evade government surveillance,” the authors wrote.