Ever since
Edward Snowden made huge revelations regarding government data collection last
June, privacy has been a popular talking point in the media and among the
tech-savvy. In response to the
revelations, many companies have begun massive efforts to secure their customer’s
data to keep prying eyes from seeing personal information. Following suit, Google and Apple have announced
that new iterations of their mobile phone operating systems will be encrypted
by default, and they will be throwing away their keys. This means that the only way to access the
data stored on those devices is by learning the password from the owner of the
device. While this hardware encryption
is a necessity for privacy and protection, some serious questions have come up
from law enforcement agencies across the nation.
Local device encryption is one of
the most important ways to keep data secure.
Allowing a company to share a key with you is a major liability, likened
to both you and the bank holding keys to your home. First, it means that malicious attacks targeted
at the company could jeopardize your own privacy despite any security measures
you already have. Second, it means that
the company holding that key could process any of your private information to
sell to advertisers without your knowledge.
Third, it could allow law enforcement agencies to access your sensitive
information without your knowledge or potentially even a warrant.
Department of Justice officials have
already come out against the policies.
According to techdirt.com, former FBI general counsel member Andrew
Weismann has claimed that the move by Apple is essentially announcing to
criminals, “use this” to commit crimes.
Another official claims that some cases may be impossible to solve
without access through Apple’s and Google’s cooperation, citing kidnapping and
terrorism as reasons to forego local encryption.
What makes the officials’
complaints unfounded is fairly simple, though.
While local files and information will be hidden from inspection, Apple
and Google both have policies and procedures for working with law enforcement
agencies. Local files have always been
difficult to access without the user’s password, especially on laptop computers
that aren’t connected to the web as frequently or consistently as mobile
phones. These policies don’t stop either
company from obeying warrants that request access to account information or
communication records kept off of the device.
Similarly, GPS location and similar data is not hidden, meaning the
threat of kidnapping is not nearly as severe as they claimed.
The real question, though, is why
agencies shouldn’t have access to the data.
Personal records, including email, text messages, and pictures, are
private property and should be treated as such.
Bank records, medical information, and business communications are often
kept in locked boxes, with only one person holding the key. Electronic data, which can be just as, or
even more, sensitive needs to be protected just as securely. New laws need to be written to protect data
owners from unwarranted access to their files.
Similarly, just like in cases of physical information, procedures need
to be put in place for criminals who refuse to release passwords after warrants
have been granted. Outside of these
situations, there is no reason for any agency to have access to your data. Apple and Google are making policies that are
here to protect our information from people who shouldn’t have it.
No comments:
Post a Comment