Two years ago, Syed Rizwan Farook and his wife Tashfeen Malik carried out a horrific shooting attack at a holiday party sponsored by Farook’s employer, the San Bernardino County Public Health Department, killing 14 people. During the attack, the couple pledged allegiance to ISIS leader Abu Bakr al-Baghdadi via Facebook and several hours later, died in a shootout with law enforcement.
The San Bernardino shooting highlighted an ominous trend: the growing use of encryption technology by terrorists and criminals and the challenge it poses for law enforcement agencies attempting to investigate or intercept activity that threatens public safety and security.
Following the San Bernardino murders, a federal judge ordered Apple to help the FBI unlock Farook’s iPhone 5C as part of the investigation. Apple refused to obey the court order, setting off a public debate over encryption and its role in hampering the ability of law enforcement agencies to investigate and prevent criminal activity.
Encryption is the electronic means of scrambling and de-scrambling data, and new and unbreakable forms of the technology are being incorporated into products by American companies. To underscore the importance of encryption and the significant public safety and security issues the technology poses, consider this: ISIS created a whole team to advise sympathizers about the most secure ways of communicating. They even ranked devices and applications based on the strength of their encryption.
In October, Deputy Attorney General Rod Rosenstein warned that strong encryption built into handheld devices is preventing law enforcement agencies from protecting Americans from criminals and terrorists. “Today, thousands of seized devices sit in storage, impervious to search warrants," Rosenstein said. “Over the past year, the FBI was unable to access about 7,500 mobile devices submitted to its Computer Analysis and Response Team, even though there was legal authority to do so."
The tech industry continues to promote and strengthen encryption technology—increasing the difficulty of gaining access to potentially vital data necessary to thwart attacks—under the guise of protecting user data and privacy. However, the companies that claim to value users’ data (e.g. through encryption technology) are often the very same companies that sell their users’ most private and revealing information so that advertisers can better target them. Tech giants Facebook and Google, which control more than 75 percent of the U.S. digital ad market, are well known for these practices.
Additionally, the tech industry, especially encrypted messaging companies like Telegram and WhatsApp, often present safety and privacy as incompatible—a false dichotomy. Various industries have for years adapted their products to meet evolving market demands and comply with the law. Banks and hospitals are expected, by the government and the public, to both respond to the needs of law enforcement while protecting their customers’ data from unauthorized access.
The tech industry should not be allowed to hide behind privacy fallacies, prioritizing profits at the expense of public safety. Instead, tech companies must be compelled to comply with valid, court orders in order to truly ensure the safety and security of their users and the public at large.
Strong privacy protection need not come at the expense of public safety and international security.