Agents at the United States Federal Bureau of Investigation have been unable to extra data from nearly 7,000 mobile devices they have attempted to access
Christopher Wray, eighth Director of the FBI, said that encryption on devices was a ‘huge, huge problem’ pertaining to FBI Investigations.
Over the past 11 months the FBI has reported that nearly half of their attempts to access encrypted devices have failed.
Many smartphones now encrypt their data when locked, as a standard feature by manufacturers such as Apple as a security preventive measure to prevent unauthorized access to the phones data – including the manufacturers of the phones and government agencies.
Cyber-security expert Professor Alan Woodward at the University of Surrey said to BBC News that device encryption was clearly frustrating criminal investigations but that it would be impractical and insecure to develop “back doors” or to weaken security.
One cyber-security expert was quoted saying that “this type of encryption is now a fact of life”.
What Does This Mean?
With quotes ranging from “Even if the equipment manufacturers didn’t build in such encryption it would be possible to obtain software that encrypted data in the same way” to “There’s a balance that needs to be struck between encryption and the importance of giving us the tools we need to keep the public safe” it is easy to see that this is something we will all be living with for years to come.
On one side, we have individuals who wish to keep their data safe and unobtainable in the case that their device is lost or stolen. This includes parents or C level executives who have personal or private data on their devices fully intended for their access only.
On the other side, we have government agencies who require access to this data to confirm or deny criminal actives such as the San Bernardino killer Syed Rizwan Farook – a situation where the FBI was denied access to unlock an iPhone by Apple themselves but eventually found a third party who was able to unlock the phone and access the data contained within.
With the courts ruling on the Farook case that the FBI did not need to disclose the contractor nor the cost associated, it is obvious that the United States government wishes to protect those who work with them but also – even after freedom of information requests were made – keep their methods and costs quiet.
What Do You Think?
Should mobile device manufacturers create back door options for government agencies to access encrypted data?
Can this even be done reliably without creating inherent vulnerabilities that would subvert the encryption process entirely?