FBI Wants Access To Encrypted iPhone And Android Data—So Does Europe
What now for encryption?
The FBI has confirmed it wants “lawful access” to fully encrypted data, which includes end-to-end encrypted messages and iPhone and Android backups. “Access to digital evidence and online threat information,” it says, “is critical for law enforcement to stop threats, arrest criminals, and protect victims.”
Any such access would be warranted by a court order. Right now, that’s not possible, because technology companies such as Apple, Google and Meta cannot access your fully encrypted content even if ordered by a court. That’s why the bureau refers to this as warrant-proof encryption, which it warns “is a major public safety problem with real-world impacts to American families.”
This isn’t a backdoor, the bureau says. “Users already trust these companies to maintain exclusive access to their operating systems and the private keys controlling their devices and communications systems.” And the bureau says it’s not alone in this. many other countries, “including the United Kingdom, Australia, India, and Brazil, have or are seeking similar frameworks to address lawful access.”
It’s this type of arrangement that triggered Apple’s court action against the U.K. government, after it was reportedly albeit secretly ordered to open iPhone backups in iCloud to such warranted access. The privacy backlash against the U.K.’s action has been well documented, and the implications are frightening.
The U.S. is not yet moving towards such new regulations, leaving the U.K. and now Europe to go first. On Monday, the Center for Democracy and Technology (CDT) warned the European Union it is “deeply concerned by the Commission’s continued focus on identifying ways to weaken or circumvent encryption… undermining encryption weakens the very foundation of secure communications and systems, leaving individuals, businesses, and public institutions more vulnerable to attacks.”
This follows the launch of ProtectEU, “a European Internal Security Strategy to support Member States and bolster the EU’s ability to guarantee security for its citizens,” including “a roadmap on lawful and effective access to data for law enforcement.”
The EU’s EVP for Technological Sovereignty, Henna Virkkunen, echoes the FBI’s encryption warnings. “The problem is that our law enforcement has been losing ground to criminals because our police investigators don’t have access today. That’s a big problem because we have identified that in about 85% of investigations we should have access to data… It’s something that we can’t tolerate, we can’t take care of security because we don’t have the tools to work in this digital world. We don’t have the tools and our law enforcement doesn’t have them. So, we have to find solutions.”
Any solution that works around end-to-end encryption breaks end-to-end encryption. And the security we all now rely on to protect out content has never been more under threat. “Government agencies elsewhere in the world [should] actively encourage more usage of end-to-end encryption, not less,” CDT says, “to protect the integrity of cyberspace against increased security threats.”
As WhatsApp — one of the world’s leading advocates for end-to-end encryption launches it’s biggest ever marketing campaign, which focuses on that very encryption, the battle lines are being drawn. This is a battle big tech cannot afford to lose.