FBI: Using third parties to break encryption not only answer
The FBI is facing an increasing struggle to access readable information and evidence from digital devices because of default encryption, a senior FBI official told members of Congress at a hearing on digital encryption Tuesday.
Amy Hess said officials encountered passwords in 30 percent of the phones the FBI seized during investigations in the last six months, and investigators have had "no capability" to access information in about 13 percent of the cases.
"We have seen those numbers continue to increase, and clearly that presents us with a challenge," said Hess, the executive assistant director of the FBI branch that oversees the development of surveillance technologies.
In her testimony to a subcommittee of the House Energy and Commerce Committee, Hess defended the Justice Department's use of a still-unidentified third party to break into the locked iPhone used by one of the two San Bernardino, California, attackers. But she said the reliance on an outside entity represented just "one potential solution" and that there's no "one-size-fits-all" approach for recovering evidence. She said she did not think that path should be the sole solution.
"These solutions are very case-by-case specific," she said. "They may not work in all instances. They're very dependent upon the fragility of the systems, the vulnerabilities we might find," she said, adding that cooperation between the government, academia and private industry was needed to come up with more solutions.
Asked about the FBI's reliance on a third party to get into the phone, and its inability to access the device on its own, Hess said the work requires "a lot of highly skilled specialized resources that we may not have immediately available to us."
Representatives from local law enforcement agencies echoed Hess's concerns. Thomas Galati, chief of the intelligence bureau at the New York Police Department, said officials there have been unable to break open 67 Apple devices for use in 44 different investigations of violent crime -- including 10 homicide cases.
Still, despite anxieties over "going dark," a February report from the Berkman Center for Internet and Society at Harvard University said the situation was not as dire as law enforcement had described and that investigators were not "headed to a future in which our ability to effectively surveil criminals and bad actors is impossible."
The hearing comes amid an ongoing dispute between law enforcement and Silicon Valley about how to balance consumer privacy against the need for police and federal agents to recover communications and eavesdrop on suspected terrorists and criminals. The Senate is considering a bill that would effectively prohibit unbreakable encryption and require companies to help the government access data on a computer or mobile device when a warrant is issued.
Bruce Sewell, Apple's general counsel, touted the importance of encryption particularly in light of devastating breaches of sensitive government information -- including at the IRS and the Office of Personnel Management.
"The best way we, and the technology industry, know how to protect your information is through the use of strong encryption. Strong encryption is a good thing, a necessary thing. And the government agrees," Sewell testified.
In response to questions raised at the hearing, Sewell said that the Chinese government had asked Apple for its source code within the last two years -- and that Apple declined.
The long-simmering clash escalated in February after a judge in California directed Apple to help the FBI break into the phone used by Syed Farook, who along with his wife killed 14 people on Dec. 2 before dying in a shootout with police. The Justice Department last month said a third party had approached it with a way into the phone, effectively ending that court case. Another legal fight over a phone in a separate drug case is still pending in Brooklyn.
(Copyright 2016 The Associated Press. All rights reserved. This material may not be published, broadcast, rewritten or redistributed.)