Should tech companies provide backdoor access to officials?
- The term ‘backdoor’ refers to access to “a computer system or encrypted data that bypasses the system's customary security mechanisms. A developer may create a backdoor so that an application or operating system can be accessed for troubleshooting or other purposes.”
- As of the iOS 9 update in 2014, Apple “specifically altered its software…to ensure that it would not be able to unlock customer phones and decrypt any of the most important data on them.”
- Prior to the San Bernardino terrorist attack that put Apple in the spotlight for refusing to provide backdoor access to the attackers’ iPhones, Jim Coldwell (then the attorney general) and select FBI agents sat down with Apple CEO Tim Cook and his team to express interest in “getting access to phones on a mass basis.” At that time, Apple unequivocally denied the request, indicating that they “didn’t think that that was an appropriate request to be made of a company that has as its primary concern the protection of all citizens.”
- A New Hampshire judge ordered Amazon to turn over two days of Amazon Echo recordings in a double murder case. Prosecutors believed that recordings from an Echo in a home where two women were murdered may yield further clues to their killer. Although police seized the Echo when they secured the crime scene, any recordings are stored on Amazon servers. When reached, an Amazon spokesperson did not comment – but the company told the Associated Press that it won’t release the information “without a valid and binding legal demand properly served on us.”
- It is in the context of this inalienable Constitutional right that the controversy over the encryption of an Apple iPhone, used by a deceased terrorist in San Bernardino, arises. A federal magistrate ordered Apple to provide a unique software code to help disable a security feature on the phone so federal investigators could determine if the perpetrator was communicating with others in a network – others who might themselves be plotting similar attacks.
Given the countless devices that permeate our lives on a daily basis - tablets, phones, laptops, smart home assistants - an abundance of data is generated, encrypted, and stored by companies. These vast deposits of data offer big brother entrance into our private lives to track where we are going, might have been, with whom, and in some instances, what we did while we were there. To date, there have been criminal cases solved and potential crimes thwarted due to authorities accessing pertinent information from devices and data. For these public safety reasons, regulations should be implemented requiring companies to provide backdoor access to devices for law enforcement purposes. It is this privacy dilemma that leads this discussion into the most complicated jurisprudence in criminal law - the Fourth Amendment.
Albeit, with any proposed backdoor regulation, the 4th Amendment requirements would still apply to law enforcement requesting access to the information being sought. However, allowing a backdoor regulatory action would save precious time that is often wasted now haggling with companies over access to, and release of data stored on company servers.
Law enforcement is required to prove probable cause to a judge that a crime has happened or is currently being premeditated in order to attain a warrant to execute a lawful search. That fact – not big tech’s warrant-proof encryption – is the strongest protection of our privacy from state intrusion. Considering public safety concerns, such as mass shootings and terrorism, backdoor access – along with the issuance of search warrants for encrypted data – protects our privacy more than any company’s bottom-line profits.
Private communications companies should not be required to create a backdoor for the sole benefit of law enforcement. Such a requirement is a huge governmental overreach and a violation of many of the foundational principles intertwined in our freedom as Americans. Now, if a company already has a means of accessing messages or telephone calls, then it should be required to comply with a properly obtained and served court order. However, if a company offers its users the utmost privacy to the point that the company itself cannot access information relayed through its own communication channels, then that is the right of the company and its customers to respectively comply with such requests.
The right to privacy has already been eroded with the advancements of technology, the internet, and social media. More so now than ever, we run the risk of our private information being leaked and shared with the world. The idea of a fully encrypted service being required to create a backdoor to defeat the encryption inherently adds vulnerability and an increased chance of such data being breached – the very thing companies and consumers want to prevent.
Of course, requiring a backdoor to encrypted data could make it somewhat easier for law enforcement to find evidence of criminal activity, but at what cost? The right to privacy and a company’s right to provide that privacy is far too steep of a price to pay. To require companies to create a backdoor to private encrypted information goes against the very freedom America was founded upon.