Deputy Attorney General Rod Rosenstein has indicated that the Justice Department may be more aggressive in trying to secure access to encrypted information from technology companies during criminal and terrorism investigations.
In a speech in Annapolis, Md., Rosenstein, the second-highest-ranking official in the Justice Department, acknowledged the balancing act between privacy and public safety but said the needs of law enforcement can outweigh personal privacy when crimes need to be prevented and solved.
โWarrant-proof encryption is a serious problem,โ Rosenstein said in his speech at a conference at the U.S. Naval Academy. โThe public bears the cost. When investigations of violent criminal organizations come to a halt because we cannot access a phone, even with a court order, lives may be lost. When child molesters can operate anonymously over the Internet, children may be exploited. When terrorists can communicate covertly without fear of detention, chaos may follow.โ
Rosenstein did not offer policy proposals or specific steps Justice Department officials will take to combat what law enforcement refers to as โgoing dark.โ But he strongly criticized technology companies and said the governmentโs efforts to engage with them has not been successful.
โTechnology companies almost certainly will not develop responsible encryption if left to their own devices,โ Rosenstein said. โThey are in the business of selling products and making money. . . . We are in the business of preventing crime and saving lives.โ
Ari Schwartz, a former senior director for cybersecurity in the Obama White House, said that while there are โa few instancesโ in which technology companies do not help the government, โthere are plenty of casesโ in which they do.
โIโm not seeing how this gets us closer to having the real discussion about solutions in this space,โ said Schwartz, managing director of cybersecurity services at the Venable law firm. โThe government feels as though tech companies have to find a solution for them, and the tech companies feel as though the government just doesnโt understand how theyโre putting the larger security at risk here.โ
Rosenstein highlighted the February 2016 case in San Bernardino, Calif.,, when the FBI obtained the iPhone used by a terrorist who shot and killed 14 people and injured 22 others. The data on the iPhone was encrypted, and the government sought Appleโs assistance to find out whether there was evidence of other attack plans.
โApple rejected the governmentโs request, although it had the technical capability to help,โ Rosenstein said.
The Obama administration went to court to obtain an order requiring Apple to help, and Apple said it would appeal the order. The FBI was eventually able to access the data on the phone without Appleโs assistance, by enlisting the help of professional hackers.
โBut the problem persists,โ Rosenstein said. โToday, thousands of seized devices sit in storage, impervious to search warrants. Over the past year, the FBI was unable to access about 7,500 mobile devices submitted to its computer analysis and response team, even though there was legal authority to do so.โ
Rosenstein said that while technology companies do not cooperate with Justice Department officials, they operate in foreign countries that censor and suppress information, citing incidents that involved Facebook and Amazon.com. (Amazon founder and chief executive Jeff Bezos owns The Washington Post.)
โAmerican technology providers sell products and services in foreign markets where the governments have questionable human rights records and enforce laws affording them access to customer data, without American due process or legal protections,โ Rosenstein said. โSurely those same companies and their engineers could help American law enforcement officers enforce court orders issued by American judges, pursuant to American rule-of-law principles.โ