At a recent IAPP KnowledgeNet co-hosted by the Santa Clara High Tech Law Journal, a heated discussion broke out over how far the government's reach should extend regarding obtaining individuals' personal data in the name of investigating crimes.
Ars Technica Senior Business Editor Cyrus Farivar hosted the panel and framed the discussion around the unresolved legal questions catalyzed by the Apple v. FBI encryption debate, in which the FBI wanted Apple to de-code data stored on the San Bernardino shooter's iPhone, an order Apple fought against. Farivar wanted to look at how questions about law enforcement access to data had changed “under the lens of the Trump administration."
While Google’s Nicole Jones and the Electronic Frontier Foundations’s Andrew Crocker articulated pro-user-privacy and -security thoughts on government access and encryption, it was perspectives from current and former government employees that took center stage, namely from Former Department of Justice Acting Assistant Attorney General for National Security Todd Hinnen and Tom Flattery, deputy district attorney at Santa Clara County's High Tech Unit.
While there’s no silver bullet to encryption issues, Hinnen said, it’s best that an “adult, public debate in a legislative forum” occurs, so that both teams are mollified with the eventual solution.
Flattery gave voice to what he said law enforcement was really thinking about encryption and data access issues.
“The bottom line is, crimes go unsolved. Defendants go unprotected. Victims have crimes that are unresolved,” he said. That was and is the motivator for having the option to open locked devices, he said.
He continued, accessing phones is not about checking out people’s selfies, but rather using probable cause to jump a hurdle that could prohibit investigators from cracking cases. “It’s important to understand, the government doesn’t care what’s on your phone — until you’re the victim of crime, or you’re a suspect of a crime."
Though he would soon face criticism in the room for his position, Flattery equated encrypted devices to a Minute Man silo, in the middle of nowhere, where citizens do whatever they pleased in a lawless, secure space. No reasonable person would be in favor of something like that in physical world, he said, so why then should cell phone users enjoy that freedom in the digital world?
There has to be an answer that allows for an open-in-case-of-emergency hatch on devices that also doesn’t totally alarm users, Flattery continued.
EFF’s Crocker interjected, however, that while everyone wants a solution that appeases government officials and users alike, “technology just doesn’t work that way." Crocker said Flattery’s suggestion was ”just not feasible.”
Flattery appealed to the audience. “But we will all agree ... that there should not be a location where, as a business model, we can decide to deny access to the government to pursue law and order," He asked. “That should not exist, right?”
Many in the crowd disagreed, vocally.
“I’m probably in the wrong group,” Flattery quipped.
During a Q&A session at the live-streamed event, a caller, who identified herself as the relative of “dirt poor” immigrants, mentioned the recent uptick in the search-and-seizure of personal devices at airports. Probable cause isn’t a factor in such situations, she said. People are worried.
Flattery responded, “The argument from the government side is, 'we’re preserving data, we’re not searching it, and we don’t look at it until the court says there is probable cause.'"
Later, Flattery was asked how law enforcement agents would be held responsible in cases in which citizens' data had been breached, whether in seemingly mundane or outright illegal ways.
While government agencies may not be looking at cell phone data for fun, there’s evidence that police run plates for details on attractive women or use a busted tail light as an excuse to look into cars with a flashlight, the questioner said.
“Fair point,” Flattery responded. “I don’t think anyone would object to holding [agents’] feet to the fire.” And the fact that it seems like nobody is? “That’s a problem,” he conceded.
The audience's engagement with the second panel, composed of “great thinkers and great minds,” indicated that “people are concerned about whether law enforcement be able to search their devices,” said Rafae Bhatti, CIPP/US, CIPM, of the "Santa Clara High Technology Law Journal,” and who helped organized the discussions.
Photo curtesy of Santa Clara High Technology Law Journal.
If you want to comment on this post, you need to login.