EFF in the News
“More than just being creepy, it’s a huge violation of privacy,” said Cooper Quintin, a privacy advocate for the Electronic Frontier Foundation, a digital rights nonprofit that also offers the anti-tracking tool Privacy Badger. “People need to be able to read things and do things and talk about things without having to worry that they’re being watched or recorded somewhere.”
Does encryption negate the intelligence-collecting capabilities that Edward Snowden revealed such as PRISM, which allows the NSA to search anyone's email by just looking up their name?
Peter Eckersley, chief computer scientist, Electronic Frontier Foundation: Unfortunately we aren't close to having any sort of encryption that would protect the contents of your email against a PRISM-like attack. We need to build these things, but the strong encryption that is being debated right now doesn't do that. We are maybe getting there with text messages, but don't have a way to do end-to-end email encryption yet. Not a practical one.
Services like Silent Circle or Whisper offer end-to-end encryption, but are not yet a practical replacement for email. There's a technology called PGP which has been around for a while, but it's not yet practical for email for most people.
There are some big technical differences between email and text messaging which make email a lot harder: People expect to have all their old emails; they expect to be able to search all their old emails really fast from a phone even if they have 10GB worth of messages which they couldn't store locally on their device. Today's email platforms have very sophisticated spam filtering and prioritization features that have been built into these email platforms. To replicate all that functionality in an end-to-end encrypted system is an unsolved problem.
“What law enforcement is saying, especially the FBI, [is] ‘Well, we can’t get access to communications because they’re encrypted and this is hampering our law enforcement investigation’,” says Jennifer Lynch, Senior Staff Attorney at the Electronic Frontier Foundation. “But what’s really happening is that law enforcement is relying more and more on metadata generated by our communications,” providing troves of information on a person’s location and relationships.
“That is more beneficial to law enforcement and it can’t be encrypted,” Lynch explains.
For his part, Kurt Opsahl, an attorney with the Electronic Frontier Foundation, also said that he had never heard of such a court order.
"The only precedent that comes to mind is the 9th Circuit case about car satellite phones from 2003," he told Ars.
"The FBI wanted to bug a car through its integrated sat phone system. Because 'the Company could not assist the FBI without disabling the System in the monitored car,' the order was reversed."
The FBI'S order to Apple to help them figure out the password of San Bernardino shooter Syed Farook's iPhone is "unprecedented and dangerous," said Nate Cardozo of the Electronic Frontier Foundation.
While the AWA has been referred to in the past, this order drastically widens its scope. It’s one thing to require a company to assist in carrying out a search warrant, but in this case, the FBI is requiring Apple to build entirely new code to access the device in question, and part of that code would rely on Apple using its private key to authenticate it. This essentially amounts to the FBI requiring Apple to lie about its security checks, Nate Cardozo, staff attorney at the Electronic Frontier Foundation, told The Verge.
"No court has approved an order or law that would compel a company to do something or speak in a way that wasn't completely true," he said. "In this case, Apple is being compelled to create computer code that is false in a very meaningful way."
This is where Apple’s argument comes in. A specific exception made in the AWA is that it cannot require third parties to assist in ways that would be "unreasonably burdensome." By following this order, Apple could argue, it would place a burden on its reputation. No one will ever trust the security of their devices again, Cardozo said. "It’s an extraordinary burden — not just one of cost and time, but of a loss of good will in Apple."
The technical issues raised by Schneier illustrate how the FBI's case isn't even really about hacking into the phone, said Nate Cardozo of the Electronic Frontier Foundation.
Apple and the FBI will presumably go back court to argue over whether or not Apple should comply with the court order. Cordozo believed the FBI would be happy to win that fight. A victory would give the feds another tool to obtain information from consumer technology.
Nate Cardozo, a staff attorney at civil liberties group the Electronic Frontier Foundation, says there's nothing to stop this argument being applied to other platforms. "If the FBI's argument against Apple succeeds have, nothing prevents them from ordering Moxie to backdoor Signal," he wrote on Twitter on Wednesday.
“Tor is essential,” Shari Steele says over the phone. “Tor is so critically important. We can’t afford to not have Tor.”
That’s the kind of thing someone might say when all hell is about to break loose, but Steele sounds downright ecstatic. Over her career, she has taken on United States Department of Justice (DOJ), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI). She built the Electronic Frontier Foundation (EFF) into an international powerhouse for protecting online rights.
As a category, the internet of things is useful to eavesdroppers both official and unofficial for a variety of reasons, the main one being the leakiness of the data. “[O]ne helpful feature for surveillance is that private sector IoT generally blabs a lot, routinely into some server, somewhere,” said Lee Tien, a senior staff attorney at the Electronic Frontier Foundation. “That data blabbing can be insecure in the air, or obtained from storage.”