France maintains one of the most sophisticated telecommunications programs in the world, yet they failed to recognize the recent coordinated terrorist attacks in Paris. These horrific events are a wake-up call for the US public and lawmakers. Smartphones are undoubtedly the most important sources of digital evidence today, but law enforcement and counterterrorism agencies can no longer perform their jobs effectively.
Lawmakers understood the importance of intercepting telecommunications to solve crimes and prevent terrorist attacks when they introduced the Communications Assistance for Law Enforcement Act (CALEA) forcing companies to design their network architecture to facilitate law enforcement intercepts. However, the growing popularity of third-party communications applications, many of which utilize strong encryption protocols, has led to the demise of CALEA.
In a digital world where 90 percent of information technology resides in the private sector, there must be cooperation from private industry. There is a popular misconception that companies are freely supplying the Intelligence Community with personal information of individuals. This is certainly not the case. In fact, any request for data on a mobile phone must be accompanied by a warrant and a court order.
In 2014, Apple CEO Tim Cook made a decision to maintain full-disk encryption while pushing the encryption keys to the user device. Google and its supported manufacturers followed suit with the strategy of full-disk encryption. This means that an uncooperative suspect can deny access to his device and Apple cannot assist law enforcement. A device of a terrorist suspect arrested at a border checkpoint cannot be accessed. As a result, cases involving child sex offenders, rapists, murderers and other criminals are going unprosecuted across the country.
Terrorists are tech-savvy … and understand that purchasing the latest iPhone or Android device will protect incriminating evidence. There are ways to attack encryption on devices with full-disk encryption, but successfully extracting evidence is certainly not guaranteed. The forensic method is ineffective for time-sensitive investigations and not viable for the vast majority of law enforcement agencies and district attorney offices.
Furthermore, forensic methodology could be subjected to harsh criticism by criminal defense attorneys who may argue that it is not scientifically sound. Conversely, for Apple or Google to return to their previous model of maintaining the encryption keys would incur little cost.
Under CALEA, telecommunications companies are rewarded for complying with court-ordered searches. Therefore, lawmakers should consider compensation for smartphone manufacturers who comply with new legislation. This lack of compensation may well have been a driving force for manufacturers to move to plausible deniability, since there was no financial incentive.
Another challenge for investigators is the use of encrypted, third-party mobile communications apps which are frequently used by organized criminal gangs and terrorist groups. The topic should be debated, and there are no easy answers. However, the ability to access devices will provide investigators with critical evidence that they can work with during an investigation and may enable access to some incriminating communications.
Without new legislation, smartphone manufacturers will not change their posture. Until the issue of smartphone encryption is addressed, the backlog of criminal proceedings will grow exponentially and our national security will remain at risk.
Darren Hayes is Assistant Professor and Director of Cybersecurity at Pace University’s Seidenberg School of Computer Science and Information Systems in New York.