Cell Phone Anti-Encryption Measures: the Key, But to What?
By: Jackson Yates
April 14th, 2016
Earlier this year, California Democratic state legislator Jim Cooper introduced Assembly Bill 1681, which would require every cell phone produced and sold in California to have an “unlocking” capability to better assist law enforcement in investigating crimes, particularly human trafficking. Unsurprisingly, even with a court order requirement, this introduction came at the horror of technology and privacy advocates. Aside from the potential technical shortcomings— it is unclear, for example, what is to stop people from engaging third parties to somehow circumvent anti-encryption measures— the proposed legislation fairly clearly runs afoul of some established principles of American privacy law.
As courts have repeatedly acknowledged, perhaps most notably in Riley v. California, a cell phone is not like an ordinary “container” that law enforcement might find on a suspect’s person. Rather than a vessel with physically limited storage capability, a modern cell phone is essentially a portal into its user’s private life. Furthermore, it is nearly impossible to imagine a scenario in which officers unlock a subject’s phone to find, say, a folder labeled “Human Trafficking,” allowing them to properly constrain their search.
Resistance from tech companies truly comes as no surprise. In a recent dispute between Apple and the FBI following the San Bernardino shootings, Apple staunchly refused to unlock the shooter’s phone in a paradigmatic display of privacy prioritization. The tech giant cited consumer privacy as an all-important concern and noted that, if word got out that Apple had the ability to “unlock” phones in this way, numerous privacy-evading entities would surely seek to engage the service to the detriment of individuals’ expectation of privacy, just like how criminals could abuse the technology behind Cooper’s bill. The FBI has found another, decidedly smaller company to unlock the San Bernardino shooter’s phone, but Cooper’s AB 1681 elicits the exact same concerns.
In support of AB 1681, Cooper urges, “It’s not NSA. It’s not Edward Snowden.” That is true; on its face, the proposed bill does not seem to directly subject average citizens to government surveillance. However, due to the vast potential ramifications of AB 1681’s carte blanche approach, Cooper’s statement that, “It’s not the boogeyman,” is not terribly convincing to privacy advocates.
Underlying article: http://www.latimes.com/politics/la-pol-sac-smartphone-encryption-bill-20160122-story.html
Link to bill on Jim Cooper’s website: http://asmdc.org/members/a09/page-2
AB 1681: http://www.leginfo.ca.gov/pub/15-16/bill/asm/ab_1651-1700/ab_1681_bill_20160120_introduced.html