As soon as the news broke last week that the FBI was unable to gain access to the phone belonging to the Sutherland Springs, Texas killer, you could hear the indignant feet-stomping of security hawks on Capitol Hill. It did not matter that the killer was not a member of ISIS, and acted alone. It did not matter that the motive was a domestic dispute, not the result of some broader terrorist plot. And, it did not matter that it was the government’s clerical error in the first place, which allowed for this tragedy to occur.
There was data to be had, nominal in value as it may be, and Apple’s industry-leading encryption was keeping the feds from it.
The FBI’s frustration with Apple, which to its credit quickly offered its assistance to the FBI upon learning the phone at the center of the investigation was an iPhone, echoes a similar sparring match last year following the San Bernardino, California terror attack. Then, in response to Apple’s principled stand against being compelled to defeat encryption techniques designed to protect its customers (private and public), California Sen. Dianne Feinstein co-sponsored a bill which would force tech companies to provide unencrypted data to the authorities upon request, thus defeating the very premise of encryption. “No entity or individual is above the law,” Feinstein chirped at the time, noting that such power was crucial for the government “to know when terrorists are plotting to kill Americans.”
Unsurprisingly, Feinstein now is renewing the call for her bill, because, for her and other bureaucrats like her, personal privacy is a privilege; not a right.
Even in the post-9/11 environment, where our terrorism paranoia has allowed for all manner of curbs to our civil liberties, this warped view of personal privacy is especially troubling. And, the flimsiness of Feinstein’s justification for the major step of defeating encryption protections yet again exposes just how twisted security hawks on the Hill view privacy rights of Americans. The 4th Amendment, like the rest of the Bill of Rights, quite clearly is written to preemptively stop government from taking action against individuals’ rights, as opposed to granting limited freedoms to citizens for personal privacy. That is why the first clause ends with, “shall not be violated,” instead of “at the discretion of law enforcement, or Congress.”
Our cell phones, which contain banking information, personal emails, photos, and other highly sensitive data, are like electronic vaults; meant to be as impenetrable as possible from intrusion of any kind, for the sake of protecting this data. Though Feinstein’s bill innocuously calls for compulsory assistance in cracking its encryption and avoids calling outright for a “backdoor,” that is precisely the outcome it intends in order for companies to meet the requirements of the proposed law. Inevitably (and routinely), the “cracking” techniques that use this backdoor would also be shared with state and local law enforcement as well, for use in investigations having nothing at all to do with stopping terrorists.
As cyber security experts have long warned, and numerous incidents of publicly leaking hacking techniques used by law enforcement have shown, the existence of exploitable backdoors essentially renders private encryption useless. Not only would anyone, from the FBI to the local sheriff, gain the ability to access your most personal data, so would Russia, China, North Korea, as well as the person who swipes a phone off a table at a restaurant.
And what are we putting our privacy at tremendous risk in order to gain? Merely an illusion of safety against the “terror monster” conjured by Feinstein to get her way. For years, government snoops and their supporters in Congress have argued for ever more advanced ways to spy on Americans in the name of “fighting terrorism,” while over this time, terrorists have opted for more low-tech ways to evade detection. Today, terror plots are rarely hatched through sophisticated, “Dark Web” networks of terrorists, but are more likely to be so-called “lone wolf” attackers with crude plans and methods for their attacks. Nor is it logical to expect terrorists to leave sensitive information available to police after the fact; for example, mass shooters routinely have destroyed their hard drives and cell phones before their rampages, including the terrorist in San Bernardino.
And, the fact is, the government has many tools already in its arsenal to address such cyber problems without new, privacy-invasive powers.
Instead of focusing on new, high tech ways to catch terrorists by imperiling the privacy rights of everyone who uses or manufactures a cell phone, government should focus instead on getting the basics right -- like reporting convicted domestic abusers and persons dishonorably discharged from the military to the FBI’s National Instant Criminal Background Check System. Perhaps then we would have one less tragedy on the books, instead of another ineffectual power grab.