Did Santa Bring You A Smartphone? Uncle Sam Wants The Passcode

Dec 29, 2015

Congratulations! You got an Apple iPhone 6s for Christmas.  Or maybe it was a Samsung Galaxy S6 Android phone.  Both are top of the line smartphones with sleek designs, ultra fast processors, great battery life and excellent cameras.

Both phones have something else the U.S. Government is nervous about: encryption that neither the government nor the manufacturer can break.  This encryption is incorporated  into the iPhone 6S. Galaxy S6 owners can choose to activate this feature.  When  activated, only iPhone 6S or Galaxy S6 owners, using the passcode they generated, can access the phone.  All of the data on these phone is encrypted through "full disk" encryption and cannot be read without the passcode.

Thus new level of encryption is available on some older phones.  This includes iPhones and iPads running the iOS 8 or iOS 9 operating systems.  Other Android phones running the Lollipop 5.0 operating system or later also have this encryption available.

The U.S. government -- especially the National Security Agency (NSA) -- claim the new enhanced smartphone encryption is a threat to national security because it makes it impossible to retrieve information from the phones of terrorist suspects and criminals.

Apple and Google (the developer of the Android operating system) claim their new encryption software is to protect sensitive information of users from hackers and criminals.  According to Apple CEO Tim Cook, growing demands by U.S. legislators and intelligence officials for a "backdoor" would pose a significant security risk to iPhone users since it is impossible to create a backdoor that bad actors could not exploit.

There's little doubt that the primary purpose of the new Smartphone encryption is not to protect users from criminals or terrorists.  It is to protect users from the government, especially NSA, due to controversy over alleged government spying on the cell phones of Americans sparked by the illegal disclosure of classified information by former NSA technician Edward Snowden.

The Snowden leaks led to criticism of phone companies for providing call data to the U.S. government either voluntarily or in response to court orders.

Concerned about the bad publicity caused by the Snowden leaks, many phone companies said they would no longer share any customer data with the government unless forced to by a court order.  By installing encryption into their smartphones that they can't break themselves, Apple and Google went one step further by making it impossible for them to comply with court orders for customer data.

Apple CEO Cook defends the new encryption because he believes privacy is a fundamental human right.  He recently said in a '60 Minutes' interview, "I don't believe that the tradeoff here is privacy versus national security . . . "We're America.  We should have both."

Many government officials take a different view and believe law enforcement and intelligence agencies need the ability to search phones for photos, messages and web histories to solve a range of serious crimes such as murder, child pornography and preventing terrorist attacks.  Manhattan District Attorney Cyrus Vance is one of these officials and said in a November 2015 report on smartphone encryption that smartphone encryption prevented his office from solving over 120 criminal cases.

In an August 11, 2015 New York Times op-ed, Vance, Paris chief prosecutor François Molins, Commissioner of the City of London Police Adrian Leppard and Chief Prosecutor of the High Court of Spain Javier Zargoza described the June murder of a father of six in Chicago that might be solved if evidence could be retrieved from iPhone 6 and Samsung Galaxy S6 Edge smartphones found at the scene of the crime.  An Illinois state judge issued a warrant ordering Apple and Google to unlock the phones and share with authorities any data they contained with law enforcement.  Both companies said they could not comply with the warrant since they did not know the passcodes and were unable to break into the phones.

In responding to Cook's '60 Minutes' interview, Vance said in a statement: "iPhones are now the first consumer products in American history that are beyond the reach of lawful warrants.  The result is crimes go unsolved and victims are left beyond the protection of law. Because Apple is unwilling to help solve this problem, the time for a national, legislative solution is now "

The Paris and San Bernardino terrorist attacks have caused increased pressure in Congress to pass legislation requiring tech companies to decrypt customer data upon government request.  Senator Richard Burr (R-NC), the Chairman of the Senate Intelligence Committee, is leading this fight and said in a December 23 Wall Street Journal op-ed, "The time has come for Congress and technology companies to discuss how encryption—encoding messages to protect their content—is enabling murderers, pedophiles, drug dealers and, increasingly, terrorists."

The British government has similar concerns and last month submitted the "Investigatory Powers Bill" to Parliament.  If passed, this bill will give the UK government enhanced powers to monitor electronic communications to protect national security, including  giving security services and police legal authority to hack into and bug computers and phones and placing new legal obligation on tech companies to assist with government operations to bypass encryption.

So where will this end up?  I believe it is likely that the U.S. and other Western governments will pass legislation forcing Apple, Google and other tech companies to drop unbreakable encryption on smartphones and computers so they can comply with lawful orders to turn over customer data.  It is less likely that tech companies will be required to provide "backdoors" so the NSA and other intelligence agencies can access smartphones on their own.

Even if this happens, it will not completely solve the government's problem with enhanced encryption.  While laws addressing this issue will help solve criminal cases on the local level, determined criminals and terrorists will be able to continue to hide their electronic communications by using other commercial encryption programs and services.  Cracking down on all of these will be a hopeless task.

So what does this mean for you?  There probably will be a software update in the near future for your new smartphone that slightly weakens your phone's encryption so your phone provider can access its data in response to a court order.  But before that happens, there will be another robust debate in Congress on how to balance electronic privacy against security.

Fred Fleitz is Senior Vice President with the Center for Security Policy where he focuses on the Iranian nuclear program, terrorism, the Middle East and intelligence reform. He served in U.S. national security positions for 25 years with CIA, DIA, the Department of State and the House Intelligence Committee staff.  During the administration of President George W. Bush, Fleitz was chief of staff to John Bolton, then Under Secretary of State for Arms Control and International Security.   

Share this URL: https://goo.gl/73Iqyw

Read the full story at epictimes.com.