Encryption Thwarts FBI Attempt To Access 7,000 Mobile Devices

Christopher Wray, the director of the United States Federal Bureau of Investigation (FBI), reported the agency has attempted and failed to extract data from nearly 7,000 mobile devices thanks to encryption, the BBC reported.

The FBI attempted to crack to those 7,000 or so devices during an 11-month period. Over that span of time, the agency failed to gain access to more than half of the devices it targeted—in large part due of encryption.

Wray, who was nominated to serve as director of the FBI by President Donald Trump, spoke at the International Association of Chiefs of Police conference over the weekend. At the event, he called device encryption “a huge, huge problem” for law enforcement.

"It impacts investigations across the board -- narcotics, human trafficking, counterterrorism, counterintelligence, gangs, organized crime, child exploitation," Wray said while acknowledging "encryption that frustrates forensic investigations will be a fact of life from now on for law enforcement agencies."

The FBI has been pushing back against encryption for years now, including a high-profile grudge match with Apple in 2016 over the company’s security protocols including encryption used to protect user data. The agency attempted to force Apple to unlock an iPhone 5C that belonged to the shooters who carried out the deadly attack at a San Bernardino County facility that killed 14 and seriously injured more than 20 others.

Apple refused to provide the FBI with the access it sought and while the FBI was eventually able to crack the iPhone thanks to a still unknown third-party vendor, the standoff set the FBI and other law enforcement agencies down the path of pushing back against encryption.

Despite the ongoing battle between Apple and other manufacturers like Microsoft and Google, FBI director Wray acknowledged that encryption tools are widely available at this point. "Even if the equipment manufacturers didn't build in such encryption it would be possible to obtain software that encrypted data in the same way," he said.

Wray also acknowledged the trade-off between the necessity of privacy for citizens and the want for access from law enforcement, stating, “I get it, there's a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe."

Still, law enforcement has continued its push to either receive cooperation from companies to crack encryption when necessary or be given a backdoor that allows agencies to reach past the protection and gain access to the information they deem necessary for an investigation.

Such requests often betray a lack of understanding as to how encryption is intended to work. Communication via end-to-end encrypted apps, for example, require an encryption key to decode messages. Without the key, the messages would appear as a jumble of undecipherable characters.

For companies like Apple or Google or Facebook to include a backdoor or any sort of access to messages and other encrypted content that doesn’t require an encryption key to access would put at risk the entire premise of the protection; if encryption is cracked for one instance, the protection is no longer valid.

“I can’t build an access technology that only works with proper legal authorisation, or only for people with a particular citizenship or the proper morality. The technology just doesn’t work that way. If a backdoor exists, then anyone can exploit it,” Bruce Schneier, a security technologist and Electronic Frontier Foundation board member, wrote of encryption.