FBI concerned about encryption by default for Smartphones

FBI Director James Comey said that he was “very concerned” about decision on Apple and Google to implement data encryption by default on their Smartphones.

The FBI is concerned about the improvements made by Apple and Google for their solutions to defend the security and privacy of the users. The companies have implemented encryption by default on smartphones, the choice is pushed by the need of privacy manifested by the market to protect users from surveillance activities operated by governments on a global scale.

A few days ago Google announced it would adopt data encryption by default in the next version of the Android OS L. Apple, similarly, allows data encryption for iOS based devices starting from the iOS 8 version.

According to the FBI’s director James Comey, law enforcement will face many more problems to access smartphone for investigation with serious repercussions on the results of investigations.

Comey expressed his concern on the choice of mobile device vendors in designing “something expressly to allow people to place themselves beyond the law.”

“There will come a day – well it comes every day in this business – when it will matter a great, great deal to the lives of people of all kinds that we be able to with judicial authorization gain access to a kidnapper’s or a terrorist or a criminal’s device,” Comey told reporters.

“I just want to make sure we have a good conversation in this country before that day comes. I’d hate to have people look at me and say, ‘Well how come you can’t save this kid,’ ‘How come you can’t do this thing.’” said Comey.

The FBI has already contacted both Apple and Google and requested to the companies information about the implementation of encryption.

Recently, The Washington Post published a post written by Ronald Hosko, president of the Law Enforcement Legal Defense Fund and former assistant director of the FBI Criminal Investigative Division, which criticizes the decision of Apple and Google.

“Last week, Apple and Google announced that their new operating systems will be encrypted by default. Encrypting a phone doesn’t make it any harder to tap, or “lawfully intercept” calls. But it does limit law enforcement’s access to a data, contacts, photos and email stored on the phone itself.

That kind information can help law enforcement officials solve big cases quickly. For example, criminals sometimes avoid phone interception by communicating plans via Snapchat or video. Their phones contain contacts, texts, and geo-tagged data that can help police track down accomplices. These new rules will make it impossible for us to access that information. They will create needless delays that could cost victims their lives.*” states Hosko in the blog post.“

The analysis of mobile devices is a crucial activity in the investigation ordinarily conducted by law enforcement, Apple and Android enabling the data encryption by default will advantage criminals.

“Apple’s and Android’s new protections will protect many thousands of criminals who seek to do us great harm, physically or financially. They will protect those who desperately need to be stopped from lawful, authorized, and entirely necessary safety and security efforts. And they will make it impossible for police to access crucial information, even with a warrant.”

Both Apple and Google didn’t immediately respond to requests for comments on Comey’s concerns, but it is sure that companies will maintain their position, ignoring law enforcement requests.

Pierluigi Paganini

(Security Affairs – FBI, Google, Apple)