We don't need hackers accessing our personal health data or home automation. If that encryption keeps government out, even better.
So FBI Director James Comey
has a sad because criminals will run amok and a US city will probably get blown up and look at all those pedophiles—all because the two largest smartphone OS makers have decided to add serious encryption to their phones.
Currently (and I'm generalizing for simplicity's sake), the government has "backdoors" it can use to pry into our digital communications, and it compels private companies to open them up via secret orders given by secret courts (or maybe not, since it's all secret). Those requests go to the telcos, handset makers, ISPs, etc.
Well, people aren't happy by unfettered secret government snooping into their private shit, so the market has responded. Google's Android already has higher encryption available, but it will be turned on as a default in its upcoming OS release. Apple has added it to its latest phones.
What this means, in practice, is that those two companies no longer have backdoor access to their users' phones. The government can demand access all they want, Apple and Google simply don't have keys to their phones. That key is now stored on the physical phone itself. And the only person who has the key is the person who owns that phone (and anyone with whom they share the password).
Now the government can still request access to the phone, but that request has to be made directly to the phone's owner. That means no more secret snooping. Furthermore, there's that whole Fifth Amendment "self-incrimination" thing. So while law enforcement can demand a user give up access to her phone, and while a court may agree and issue a warrant, the owner can refuse on Constitutional grounds.
The government can still use cell phones to track the location of suspected criminals, they can still get phone companies to turn over phone records, they can still get cloud services to give up data stored on the cloud, and they can still track their movements via social media check-ins and whatnot (which is how they caught the gay bashers in Philly last week). What they can't do is get into the phones themselves.
This is what's driving law enforcement crazy—their inability to get a third-party to grant them access to a person's most intimate data.
More below the fold.
Does this make law enforcement's job more difficult? Of course! If the government could make twice-daily home inspections, LOTS of crime would be stopped! They'd find more meth labs, child, wife, and animal abusers, illegal guns, maybe even terrorist bombmakers. Think of all the lives that would be saved! But of course, as a society, we look for the proper balance between our privacy and personal rights, and those of the state to "keep us safe".
And let's not forget, these new encryption regimes make consumers more safe. For example, with the new Apple Pay, retailers don't get any credit card numbers that can later be stolen by hackers, so no more Targets or Home Depots. That makes a person's financial info more secure. However, that credit card data is stored in the phone itself, making it potentially an even juicier theft target. Therefore, phone security must be highly protected.
Furthermore, HomeKit allows users to tie in their home automation devices into their phone. I can open my front door from anywhere in the world via my phone. Damn it better be secure! Then there's HealthKit which will pull in personal health data from all sorts of sensors and other info and store it in the phone. That's not information random people need to see. And while those are Apple services, competitors either have, or soon will have, similar functionality.
The government acts like this new encryption is designed to help criminals thwart their law enforcement efforts. In fact, that encryption has a valid legal purpose, to protect that device owner's most sensitive financial data, health data, personal data, even control of their own homes. Even if we could trust government, which we can't, there are valid reasons for locking this stuff down in a way that not even Apple and Google can crack. Because if they can get in, a malicious hacker can get in.
Technology has given law enforcement incredible new tools to fight crime, tools they didn't have a decade ago, even if they can't dig into the private contents of our digital devices. But our country now features a security establishment that has long ago given up the notion of constraints or boundaries, who spy on members of Congress with impunity, who have zero respect for the rights of individuals. Ironic, then, that it's private business who is finally putting some limits on their power, and their resulting hissy fit just reinforces that this isn't a security apparatus used to any limits.
One final point: Apple and Google aren't just standing up for the rights of their customers, but also for the right to continue existing. This is a global marketplace, and consumers around the world aren't interested in purchasing devices with a direct line to NSA/FBI headquarters. If American technology companies are to retain their global leads, they must reassure customers worldwide that they aren't merely tools of the American security state.