DOJ: Strong Encryption That We Don't Have Access To Is 'Unreasonable'

An anonymous reader quotes a report from Ars Technica: Just two days after the FBI said it could not get into the Sutherland Springs shooter's seized iPhone, Politico Pro published a lengthy interview with a top Department of Justice official who has become the "government's unexpected encryption warrior." According to the interview, which was summarized and published in transcript form on Thursday for subscribers of the website, Deputy Attorney General Rod Rosenstein indicated that the showdown between the DOJ and Silicon Valley is quietly intensifying. "We have an ongoing dialogue with a lot of tech companies in a variety of different areas," he told Politico Pro. "There's some areas where they are cooperative with us. But on this particular issue of encryption, the tech companies are moving in the opposite direction. They're moving in favor of more and more warrant-proof encryption." "I want our prosecutors to know that, if there's a case where they believe they have an appropriate need for information and there is a legal avenue to get it, they should not be reluctant to pursue it," Rosenstein said. "I wouldn't say we're searching for a case. I''d say we're receptive, if a case arises, that we would litigate."

In the interview, Rosenstein also said he "favors strong encryption." "I favor strong encryption, because the stronger the encryption, the more secure data is against criminals who are trying to commit fraud," he explained. "And I'm in favor of that, because that means less business for us prosecuting cases of people who have stolen data and hacked into computer networks and done all sorts of damage. So I'm in favor of strong encryption." "This is, obviously, a related issue, but it's distinct, which is, what about cases where people are using electronic media to commit crimes? Having access to those devices is going to be critical to have evidence that we can present in court to prove the crime. I understand why some people merge the issues. I understand that they're related. But I think logically, we have to look at these differently. People want to secure their houses, but they still need to get in and out. Same issue here." He later added that the claim that the "absolutist position" that strong encryption should be by definition, unbreakable, is "unreasonable." "And I think it's necessary to weigh law enforcement equities in appropriate cases against the interest in security," he said.

Re:Idiots

[youngone]

I don't think Mr. Rosenstein is an idiot at all, I do think he is not being honest about what his end goal is.
I am also doubtful he understands what encryption really is and how it works, or that he can remember the US government fighting and losing a similar battle during the 1990's.

same shit, new pig.

[nimbius]

"Responsible" encryption lasted about 3 days before it was crucified by the EFF https://www.eff.org/deeplinks/...

so lets see just how long "unreasonable" encryption goes. The fact of the matter is plain and simple. In any of these shootings, the ability to read the killers instagram posts and grindr chats isnt going to magically re-animate the dead. beating the motive horse for a killer just helps draw attention away from the real issues like competent gun control and healthcare reform in the US that isnt hinged on Reagan era de-institutionalization.

Re:Idiots

[sjames]

And yet he just shot his mouth off about it to the press where he claimed to want two mutually exclusive things. Isn't that pretty good evidence that he IS an idiot?

Re:Unreasonable huh

Absolutely correct. I have a multi-count sex offense conviction under my belt because the prosecution exploited a wording issue in the law (two laws that covered the same offense where I was charged with the lesser one) that would allow "upgrading" the charges. You see, a particular now-disgraced district attorney was up for re-election and my case had been stuck in limbo for several years because their "evidence" was bullshit with everything from tainted chains of custody to forensic proof that the drives were modified multiple times after seizure.

They gave me two choices. One was to take a "cake" plea that involved zero prison time (suspended sentence) with some of the counts tossed out. The other was to have my charges tossed in favor of being charged under the higher law, re-arrested, have to post bond a second time with a likely higher bond I didn't have the money to pay (in practicality this means rotting in jail for potentially YEARS awaiting a trial), facing up to six years in prison if found guilty, and based on my research a few years after all this went down there is not a single case in my entire state (and may other states) where a trial for a sex crime ended in "not guilty" so I was guaranteed to be on the losing end of that gamble. My attorney (a very good and reputable one too!) urged me to take the offer because he knew there was no way to win.

What about the evidence? What about the particulars of the case? What about the tainted data, the forensics that stunk? Well, you see, the facts don't matter when they can just shovel you through with a strong-arm plea offer. It didn't matter if I was guilty or not because they held my head above a figurative vat of acid, a guaranteed destruction of up to a decade of my adult life, and coerced a guilty plea out of me. Justice was not served in my case; it was fucking slaughtered. This part of my life is what I think of when I read "never cop to a guilty plea to get reduced sentence." I hope it becomes what you think of as well.

Posted AC for super obvious reasons.

Re:Tell you what...

[blindseer]

You think that local police forces don't try? I remember going to a political rally of sorts where they were talking about how the city wanted all businesses and multi-unit housing to hand over copies of keys to the police and fire departments. For your safety of course.

All kinds of questions were raised. Would the city be required to make attempts to call the property owner before entering? Would there be a log of these entries? Would this be public record? What of lost or stolen keys, would the city pay for locks being rekeyed? What happens in the case of a burglary? What responsibility would the police have if there is damaged property, missing items, or other losses? Can they prove someone in the city government was not responsible? What kind of prevention for abuse of this kind of access by city employees would be in place? What punishment for this abuse would there be?

This was happening in a neighboring town so it didn't affect me directly, only as an example that might spread. As far as I know this didn't get far. Of course many of those questions on having the keys to our homes and businesses also apply to having the keys to our data.

Oh, and why not have keys to single unit homes? Probably because the city council members all lived in single unit homes.

Re:Unreasonable huh

[Kjella]

The even more important takeaway from the other 90% is that being innocent and taking your trial to court is no guarantee you'll be found not guilty. The system should work so that you assume the court is right *most* the time, where the guilty get a reasonable rebate for confessing since they'd probably be convicted - otherwise they have really nothing to lose, while the innocent should not get an unreasonable extra punishment for trying to prove their innocence. What happens in the US is post-hoc justification, they were guilty (because they were found guilty) and they tried to get away with it (because they took it to trial) so let's lock them away forever.

What's wrong with the US system is that your plea is not taken into consideration at sentencing, it's being used to decide what crime to charge you with in the first place. Objectively I find that absurd because what actually happened can't be altered through a plea deal, the required flexibility for whether you should be punished stronger or lighter should be in the sentencing. Here in Norway the prosecution has to play their hand first, we're charging you with crimes X and Y, here's our sentencing recommendation if you're found guilty. Then you can either pick a "confession ruling" (tilståelsesdom) which is very simplified process for a 15-30% reduction in sentencing at the court's discretion or you can bring it to a full trial. It seems to work okay, though you never really know.

Re:Unreasonable huh

[ShanghaiBill]

Plea bargaining should be enshrined in law, so that it can be controlled.

That is the way it works in military courts. If a defendant pleads guilty, the judge (or presiding officer) will still conduct a "providency hearing", which is a summary of the evidence, shorter than a full trial and with looser rules of evidence, but still enough to determine if the guilty plea is actually in the best interest of the defendant.

I saw a defendant in a special court martial plead guilty, had the plea rejected by the judge after the providency hearing, and then went on to be acquitted after a full trial.

Backdoor Absurdly Negates Encryption

[spiritwave]

"People want to secure their houses, but they still need to get in and out. Same issue here."

But we do not leave our doors unlocked, nor instead give the police (or basically anyone else who does not reside there) a key to use when they deem fit (abusively or not).

Any backdoor basically completely bypasses the security of encryption, because history clearly shows that any such backdoor will likely quickly become common knowledge for hackers.

Re: Unreasonable huh

[next_ghost]

Because AGs in civilised countries have to take better care to prosecute the real criminal. If they jail the real criminal on their first try instead of some innocent bystander who will take the plea deal because he's too broke to make it through the full trial, there will be fewer crimes in the future. Also, civilised coutries have a system of public defenders that actually works. US public defenders are so overloaded that they have on average less than 5 minutes to prepare for each case.

Former locksmith here

[raymorris]

I used to work as a locksmith. A long time ago, tools and techniques for tubular locks weren't common, so bike locks with a tubular cylinder WERE considered difficult. Tubular locks are the kind you see on soda machines, and have a circular key. Picks for tubular locks are now common, so they are no longer difficult. I've never seen any model of bike that would be considered difficult.

You might not BOTHER to pick a $12 lock since it's so easy to replace. It's not difficult, just not worth spending more than 3 minutes on if you happen to randomly get one with shallowing bitting at the key tip, and deep cuts near the bow. That's random to specific instances of the lock, though - in general they are slightly easier than home locks because they frequently have only four pins rather than five.

I mentioned bitting. If your key happens to have deep cuts near the "handle" and a very shallow cut near the top, that's more difficult. Especially if there is also a shallow cut right before the deep cut.

Re:You don't trust government with encryption

[Opportunist]

My government runs gun control and healthcare. Oddly enough, the sky is still up there and we're doing fine.

And still I wouldn't trust that very same government with encryption matters. Why? Because I can SEE what they do in terms of gun control and healthcare. I see a lack of shooting sprees and I see a medical system that works. How do you suggest we should be able to know whether they abuse encryption backdoors?