Law enforcement bodies in the USA have a history of criticizing encryption because it makes their work more difficult. This has remained a common trope for them, even after they effectively admitted they lacked the empirical data to support their arguments. As a consequence, they normally offer anecdotes about criminals escaping justice, as if nobody is aware of recent protests and riots in response to cops who exceeded their authority. But it seems the US Department of Justice (DoJ) now intends to influence opinion by leveraging the most emotive topic imaginable, and arguing strong encryption could lead to a rise in serious sexual abuse of children. Last week Assistant Attorney General Beth Williams (pictured) shared her opinion on ‘responsible’ encryption with a symposium of fellow lawyers. She opened her speech by noting her department has…
…the freedom to be proactive, which means thinking ahead to what will be the most pressing concerns going forward in criminal justice, national security, and many other areas.
Then she told a story.
…we learned about a case in Ohio, where an undercover cop responded to an online ad for prostitution. The ad implied that the woman being sold was potentially a victim of sex trafficking, and young — possibly even underage. Law enforcement arranged to meet the girl and her escort at a hotel, where they quickly established that she was only 16 years old. Police arrested the girl’s handler and seized his cell phone.
The next day, the suspect told an acquaintance over a jail telephone that “If they get in my phone, I’m doing time for other [stuff].” Law enforcement obtained a search warrant for the phone, which they expected to contain names of other potential victims and predators. But law enforcement wasn’t able to access that information because the phone was locked and encrypted. In fact, we may never get the evidence needed to prosecute the suspect for his most serious offenses, bring other offenders to justice, or save other potential victims.
Cases like this clearly do justify further consideration of the balance between an individual’s right to privacy and the state’s ability to enforce the law. But it does not justify the hyperbole which this lawyer then proceeded to use.
The exponential increase in child exploitation would be troubling enough by itself…
As serious as this topic is, it would be wise to avoid language like ‘exponential’ and to focus on objective numbers instead. That would certainly be better than trying to extrapolate from a story about overhearing a single criminal in an Ohioan jail. But it seems the purpose of the speech was to encourage alarmism.
…but it is particularly alarming because of the accompanying spread of warrant-proof encryption technology that makes detection and prevention much more difficult, and, in many cases, simply impossible. This is despite the fact that judges often rule that there is probable cause of evidence of a crime to justify the search. Warrant-proof encryption defies our Fourth Amendment jurisprudence, in which courts have balanced privacy and the need for criminal enforcement for hundreds of years.
Consider that in 2019 alone, NCMEC [the National Center for Missing & Exploited Children] received 16.9 million reports of suspected online abuse of children. These reports are often the only lifeline for children who have been — or are continuing to be — abused in the most horrifying ways imaginable. And yet, NCMEC estimates that, if warrant-proof encryption continues to expand, more than half of these tips will vanish. In real terms, that means thousands of children who will not be saved.
We recognize that encryption is an essential tool that helps protect our data and devices from cyber threats; but we are also compelled to acknowledge that warrant-proof forms of encryption are subject to misuse and abuse, and should be addressed.
Child abuse is serious. The need to protect children merits limits on the freedoms enjoyed by adults. At the same time, the US government tells us it is fighting a plague of cyberattacks committed by foreign governments, including China and Russia. So where do they intend to draw the line?
Encryption is either breakable or it is not breakable. If it can be broken by the American authorities, it can be broken by foreign hackers. The technology used by a pedophile to hide their transgressions can also be used to secure the communications of an employee with access to sensitive systems. And a government which has the capacity to spy on serious criminals is also capable of spying on everyone else.
A contradiction lies at the heart of current US policy, which demands ‘clean’ networks whilst also insisting encryption be weakened for everyone in order to increase conviction rates for the most extreme individuals in society. Just this week a judge blocked the US government’s attempt to ban downloads of the WeChat messaging and payments app; the Chinese platform insists it cannot be used for surveillance because messages are encrypted. Democracies need to strike an appropriate balance and then maintain it, or else they will hurt themselves whilst handing easy victories to their enemies.
The video of Assistant Attorney General Beth Williams’ speech can be seen below.