Group items tagged

Less than a week after the attacks in Paris — while the public and policymakers were still reeling, and the investigation had barely gotten off the ground — Cy Vance, Manhattan’s District Attorney, released a policy paper calling for legislation requiring companies to provide the government with backdoor access to their smartphones and other mobile devices. This is the first concrete proposal of this type since September 2014, when FBI Director James Comey reignited the “Crypto Wars” in response to Apple’s and Google’s decisions to use default encryption on their smartphones. Though Comey seized on Apple’s and Google’s decisions to encrypt their devices by default, his concerns are primarily related to end-to-end encryption, which protects communications that are in transit. Vance’s proposal, on the other hand, is only concerned with device encryption, which protects data stored on phones. It is still unclear whether encryption played any role in the Paris attacks, though we do know that the attackers were using unencrypted SMS text messages on the night of the attack, and that some of them were even known to intelligence agencies and had previously been under surveillance. But regardless of whether encryption was used at some point during the planning of the attacks, as I lay out below, prohibiting companies from selling encrypted devices would not prevent criminals or terrorists from being able to access unbreakable encryption. Vance’s primary complaint is that Apple’s and Google’s decisions to provide their customers with more secure devices through encryption interferes with criminal investigations. He claims encryption prevents law enforcement from accessing stored data like iMessages, photos and videos, Internet search histories, and third party app data. He makes several arguments to justify his proposal to build backdoors into encrypted smartphones, but none of them hold water.

Before addressing the major privacy, security, and implementation concerns that his proposal raises, it is worth noting that while an increase in use of fully encrypted devices could interfere with some law enforcement investigations, it will help prevent far more crimes — especially smartphone theft, and the consequent potential for identity theft. According to Consumer Reports, in 2014 there were more than two million victims of smartphone theft, and nearly two-thirds of all smartphone users either took no steps to secure their phones or their data or failed to implement passcode access for their phones. Default encryption could reduce instances of theft because perpetrators would no longer be able to break into the phone to steal the data.

Vance argues that creating a weakness in encryption to allow law enforcement to access data stored on devices does not raise serious concerns for security and privacy, since in order to exploit the vulnerability one would need access to the actual device. He considers this an acceptable risk, claiming it would not be the same as creating a widespread vulnerability in encryption protecting communications in transit (like emails), and that it would be cheap and easy for companies to implement. But Vance seems to be underestimating the risks involved with his plan. It is increasingly important that smartphones and other devices are protected by the strongest encryption possible. Our devices and the apps on them contain astonishing amounts of personal information, so much that an unprecedented level of harm could be caused if a smartphone or device with an exploitable vulnerability is stolen, not least in the forms of identity fraud and credit card theft. We bank on our phones, and have access to credit card payments with services like Apple Pay. Our contact lists are stored on our phones, including phone numbers, emails, social media accounts, and addresses. Passwords are often stored on people’s phones. And phones and apps are often full of personal details about their lives, from food diaries to logs of favorite places to personal photographs. Symantec conducted a study, where the company spread 50 “lost” phones in public to see what people who picked up the phones would do with them. The company found that 95 percent of those people tried to access the phone, and while nearly 90 percent tried to access private information stored on the phone or in other private accounts such as banking services and email, only 50 percent attempted contacting the owner.

The military judge presiding at the USS Cole death-penalty trial ordered the Pentagon to replace the senior official and his staff overseeing the war-court process, ruling a since-revoked requirement for judges to live at Guantánamo until a trial is over appeared to be unlawful meddling.Air Force Col. Vance Spath, the judge, issued the ruling in court Monday following a week of hearings that showed behind-the-scenes planning at the Pentagon on how to perhaps replace military judges and speed along the pretrial process.Prosecutors defended the planning by the legal staff of the so-called convening authority for military commissions, retired Marine Maj. Gen. Vaughn Ary, as routine brainstorming on resourcing of the war court.Defense lawyers called the move-in order illegal, a crime in military justice called “unlawful command influence,” that was designed to unfairly rush the death-penalty trial of Saudi captive Abd al Rahim al Nashiri, 50, as the alleged mastermind the USS Cole bombing.

They wanted the judge to dismiss the case. But while Spath was still taking evidence, Deputy Secretary of Defense Robert O. Work quickly revoked the controversial order — meaning judges hearing war-crimes cases now may keep their prestigious regular duties and simultaneously preside at Guantánamo military commissions cases.Spath, in court Monday, called dismissal “not appropriate” in this instance. Instead, he disqualified Ary and four lawyers who worked on the move-in requirement: retired Army Col. Mark Toole, Army Reserves Lt. Col. Alyssa Adams, Navy Reserve Cmdr. Raghav Kotval, and Army Capt. Matthew Rich.He ordered the Pentagon to replace them in the USS Cole case — meaning a new convening authority would fund and assign Nashiri’s legal-team resources and pick the pool of military officers for his eventual jury.

Spath also cut an upcoming two-week pretrial hearing at Guantánamo back to just one week, he said, to demonstrate “this detailed trial judge feels no pressure to accelerate the pace of this litigation.”

In an abrupt retreat Friday, the Pentagon revoked an order to war court judges to drop their other military duties and take up residence at this remote base until their cases are over.The 9/11 case judge swiftly responded by lifting a freeze on preparations for the terror trial of alleged mastermind Khalid Sheik Mohammed and four accused accomplices; the judge had imposed the freeze 48 hours earlier with a ruling that found the move-in order appeared to be an illegal bid to rush justice.Defense lawyers in the Sept. 11 and USS Cole death-penalty cases described the Jan. 7 relocation order as “unlawful influence,” a pressure play designed to exile military judges to the remote base in Cuba, cut short pretrial hearings and move straight to trial. Commanders meddling in the judicial function is a crime in the U.S. military. The about-face also averted testimony in the USS Cole bombing case by three three-star officers, the top lawyers of the Navy, Army and Air Force, on how the Pentagon order to move the judges took them by surprise — and its impact.

But it did not settle the conflict. Defense lawyers for Saudi Abd al Rahim al Nashiri, 50, argued that the way the order was adopted and withdrawn was illegal.They asked the judge, Air Force Col. Vance Spath, to dismiss the death-penalty charges against Nashiri, who is accused of orchestrating al-Qaida’s Oct. 12, 2000 suicide bombing off the coast of Yemen. Seventeen U.S. sailors were killed and dozens more wounded in the warship attack.Alternatively, Nashiri’s lawyers asked the judge to exclude from the case the architect of the move-in order — retired Marine Maj. Gen. Vaughn A. Ary, as well as his legal staff, who oversee the war court in the so-called Office of the Convening Authority. The new Secretary of Defense, Ash Carter, should replace them with officials untainted by the relocation order, said Nashiri’s civilian lawyer, Rick Kammen.

Ary “can’t be trusted” to act impartially, said Kammen, noting Ary’s role includes funding the defense and choosing the jury pool of U.S. military officers — Kammen called it driving “the death train” by handpicking “the people that he wants to kill Nashiri.”Prosecutors said, with the move-in order gone, the issue was over. They urged Spath to drop it. “We get that there is an appearance issue,” said the chief war crimes prosecutor, Army Brig. Gen. Mark Martins. “We all are guardians. The independence of the judiciary is at the heart of this.” Spath disagreed. Testimony earlier this week by Ary, the judge said, demonstrated there was “some evidence of unlawful influence.” Spath never dropped his other duties and never moved to this base. But hearing evidence this week disclosed a behind-the-scenes plan to remove Spath from the USS Cole case rather than relieve him of his other job as chief of the Air Force judiciary.Ary undertook this change “knowing it could remove a sitting trial judge,” said Spath, adding he would rule Monday morning on the defense motion to dismiss the charge