The FBI’s repeated success in overcoming the problem of “darkness” belies the protests as an existential threat. In some ways, Anom shows how creative the agency’s alternative solutions are. However, researchers warn that as more governments around the world seek to demand digital back doors – and as for some, such as Australia, Implementation of such laws—Authorities can also point to the Anom case as evidence that private access is working.
“From there it seems that it’s not a rhetorical leap to say, ‘This worked so well, wouldn’t it be nice for every app to have a back door? “This is literally what US law enforcement has said,” says Rihanna Pfefferkorn, associate director of monitoring and cybersecurity at Stanford University’s Center for Internet and Society. If the ability to monitor every message on Anom is so effective, the FBI might say, “Why not do it?” Simply more, and in more places?
It’s important not to extrapolate too broadly from the Anom experience. According to documents released this week, the FBI made significant efforts to operate under foreign laws and avoid surveillance of Americans throughout the initiative’s three-year period. There is no immediate threat that the FBI will be able to deploy an entire backdoor system within the United States. The Fourth Amendment protects against “unreasonable” search and seizure, and establishes a clear basis for government memorandum requirements. Moreover, continuous surveillance orders such as wiretapping orders are more difficult to obtain on purpose for law enforcement, as they allow for widespread surveillance. But, like Demonstrate the NSA’s PRISM programIn the United States, uncensored domestic digital surveillance programs are not beyond the realm of possibilities.
One of the lessons that can be learned from Anom, while it was effective in many ways, came with potential collateral damage to the privacy of people who had not been accused of any crime. Even a product geared towards scammers can be used by law-abiding people as well, exposing these unintended targets to scrutiny in the process of trying to catch the real criminals. And anything that normalizes the concept of full government access, even in a very specific context, can be a step down a slippery slope.
“There is a reason that there are assurance requirements and it takes effort and resources to put work into investigations,” says Pfefferkorn. “When there is no friction between the government and the people they want to investigate, we’ve seen what that can result.”
These concerns are supported by indications that governments have actively sought broad outside powers. Besides Australia, other “Five Eyes” US intelligence counterparts such as the UK have also put forth ideas about how law enforcement can access end-to-end encrypted services. In 2019, for example, the British intelligence agency GCHQ suggested that services build law enforcement mechanisms to be added as a silent and invisible participant in chats or other communications of interest to them. That way, GCHQ argued, companies wouldn’t have to crack their encryption protocols; They can simply create another account party to the conversations, such as adding another member to a group chat.
The reaction against the proposal It was fast and definitive from researchers, crypto experts, privacy advocates, human rights groups, and companies like Google, Microsoft, and Apple. They firmly argued that a tool for adding law enforcement ghosts to chats could also be detected and abused by bad actors, exposing all users of the service to risks and fundamentally undermining the purpose of end-to-end encryption protection.
Cases like Anom, and other examples of law enforcement agencies working secretly Secure telecommunications companies, may not fulfill the dreams of law enforcement authorities about access to mass communication. But they show – with all their escalation, gray areas, and potential privacy implications – that authorities still have ways to get the information they want. The criminal underworld hasn’t gone as dark as it might seem.
“I am happy to live in a world where criminals are stupid and cramming themselves into criminal private-purpose crypto applications,” says Matthew Green, a crypto expert at Johns Hopkins University. “My real fear is that some criminals will eventually stop being stupid and just move on to good encrypted messaging systems.”
More great wired stories