38 comments

[ 2.4 ms ] story [ 92.0 ms ] thread
Is this just "if you don't have anything to hide" as a legal argument?
Funny how that’s only a one-way street in politics
This is why we need all the things to be encrypted all the time.

People with "something to hide," i.e. persecuted minorities, need not to stand out from the crowd.

For those who think they've got nothing to hide:

Your bank communications are encrypted, why not also protect your conversations with friends family and others? You never know when you or they might need to share things you wouldn't want used as blackmail (information ransom).

For those who think they've got nothing to hide:

just wait for cameras to be installed in your bedroom to keep you safe

Too late, we already have cloud-connected indoor security cameras from Amazon. The NSA is investigating a recent protest that happened in your area, wonder if they'd be interested in taking a peek at your footage? But really, it's not made things much worse. We already happily carry tracking devices everywhere with us without any idea what's running on them.
It took me a long time to grasp and take onboard that attack surface starts with your installed base of apps. I whittled my Ubuntu apps down to that which I use on a regular basis, and I aggressively uninstalled packages that were unused or seemed weird or just unnecessary to me.

The same goes for my Windows machine and my phone. Frankly my phone's 32GB is clogged already and I can't install all the apps I want. I may not really know "what" is running on it, but I have fairly good ideas about "who" is running on it, and that can count for a lot. If I don't install any janky games from unknown publishers, and I stick with truly utilitarian, name-brand stuff, I can at least avoid most supply-chain based attacks, and hopefully some of the jankier data Hoovers.

There are some activities I do when I have to seriously consider setting my phone aside, or at least removing sdcard+SIM for safety from whatever threat actors might turn the phone against me or wrest it from my possession. I do not yet rely on my phone for payments and transit fares, so I can easily get around town without it (even if it pains me not to have real-time tracking and maps and emergency phone at the ready.)

I think if you know who's running on your systems, that's half the battle. Don't invite strangers into your home, don't install weird apps on anything anywhere. Make sure your family knows too. Keep a tidy firewall and DNS-based adblocks. Due diligence goes a long way. Make your peace with threat actors who are too powerful for you to resist, and just live your life as if they're already watching.

While I'm definitely in the "encrypt and take all reasonable precautions" camp, I have to say that your example doesn't make sense to me - unless I'm misunderstanding your example, the recipient of those messages has already received a plaintext/unencrypted copy of the conversation. If the originally intended recipient is now the one holding that information "ransom", I don't know how encryption could help - at some point it was plaintext, and they could have made copies (screenshots, or even a Polaroid picture of their phone screen) at that time.

Again, could be misunderstanding your example...

The concern in the example is that if the data is unencrypted then there are many untrusted middlemen that also have access to the plaintext and could use it to blackmail either/both of the trusted sender/receiver.
I agree that concern is valid (and a good reason to encrypt everything), I just think the original example doesn't really say that clearly (or at least clearly enough).

Then again, maybe I'm just being pedantic.

Thanks for the clarification - have a good one.

It's implicit that the communicating parties desire the information to be shared among themselves, otherwise why would they talk about it at all?
While I agree, I still feel like the original example wasn't explicit about the threat being external to the conversation. But again, that's likely me being overly pedantic/overly concrete in my thinking.

That being said, there are situations where you would want to "revoke" information you shared willingly and intentionally with someone (think in the case of a messy breakup or divorce, where that information could be socially or legally troublesome if presented in a certain way) - encryption is still weak to a "plaintext recording" attack in that case.

Anyway, again, thank you all for the informative and civil discussions X) Have a good one.

Really you don't get to decide that you have nothing to hide, your inquisitor, the one deciding guilt does.
Who has something to hide?

People facing unjust persecution from the largely unaccountable Police.

Daydream: Run your actual Evil Conspiracy through some easily-overlooked side channel. (Say, code words hidden in your regular social media rants.) Fill your encrypted messaging channel with dirty jokes, racist comments, and similar "legal but odeous" stuff. Let the DoJ build much of their case around your encrypted messages. Near the end of your trial, when it looks like you'll be taking a long trip to Leavenworth, break down and release the encryption key.
You could try another experiment: see how responsive the authorities are by doing fake terrorist plotting, laying out all your plans with time-frames, weapons to be used, etc See how long it takes them to discover the plot. Then you can see what communication platforms have been tapped by the intel agencies. Upon arrest, state you were running an experiment.
> Upon arrest, state you were running an experiment.

IANAL, but my understanding is that this is not how law works.

IANAL either, but mens rea would be missing at least, if it's relevant for terrorism charges.
In general, “Psych! JK guys. You should have seen your faces” is not an advised defence.
Only slightly less effective than "These aren't my pants these are my friends my pants."
You could try another experiment: Pack a fake bomb in your luggage the next time you fly. Upon arrest, point out that it was a fake and you were running an experiment.
'Funny' riff that you made me think of is to do 'trash pile shadow art' of a gun in your luggage. :D
Lots of people stick a gun in their checked luggage because when you do that the airline taxes extra care not to lose it.
Would they really arrest people just for chatting about stuff?

I cannot see an investigation building a good case without material corroborating evidence, such as weapons purchases, criminal profiles, movement of vehicles, packages, etc. etc.

If arrests were made based solely on chats, how many kids running Call of Duty are going to get nailed, a la WarGames: The Dead Code?

This reminds me of the "it's not the content, it's the behavior" approach towards community moderation, which I think is generally a good lens. If a bunch of defendants with no history of using encrypted messaging all of a sudden use encrypted messaging immediately before and after a crime that they're linked to, then maybe that in itself says something material, even aside from the content of those conversations.

But yes, to avoid the risk of "encrypted messaging usage" becoming a point of suspicion, that's also another point as to why people should use it for normal stuff.

One thing I don't understand is, why are E2EE messages on Whats App impervious to a subpoena? Take this example: let's say I had evidence of a crime, but I put it in a safe with an unknown-to-me code, locked it, and put the safe in my basement. I could see the DOJ compelling me to get the safe opened if possible. In the case of Whats App, the E2EE is merely a promise to users from Meta. Nothing is stopping Meta from deploying an updated app version that phones home message contents. What can Meta not be compelled to release such an update?
Because their terms says otherwise. Always good to watch those when they change.
Not a lawyer, but that's not how subpoenas work in my understanding. A subpoena is a legal writ compelling the production of evidence or testimony.[1]

If Meta had access already, the data they have could therefore be subject to a subpoena. They already are responsive to subpoenas for information from facebook for example[2]. However a subpoena can't compell them to change their app to do something it doesn't currently do - it can only get them to provide evidence they have.

[1] https://uk.practicallaw.thomsonreuters.com/2-501-7136?contex...

[2] https://www.zdnet.com/article/heres-what-facebook-sends-the-...

> Nothing is stopping Meta from deploying an updated app version that phones home message contents.

IIUC there isn't a known case where the government has forced something like this. It is technically possible but legally some people claim that this is "forced speech" or other things so that it can't be compelled.

The government tried to compel Apple this way (not through a subpoena but an ancient law called the All Writs Act) in the San Bernardino shooting case but they were able to unlock the phone through other means so the case just ended up going away. It probably depends on whether Whatsapp can argue it's unreasonable, the government has other investigative techniques available, etc.
For your average criminal case, I don't believe companies can be compelled by investigators to "pwn" a user's service in this way. But there are two things to note:

All of the US three-letter agencies have been lobbying VERY hard for warrantless surveillance of social networks and backdoors into E2EE apps, using CSAM as a justification and claiming that all of their existing evidence-gathering channels are "going dark" due to rising use of encryption. So far they haven't succeeded, but I feel that it is only a matter of time before they get the bulk of what they are asking for. Either due to a series of small "wins" stretched out over many years, or there will be a high-profile case where a child is abducted and murdered and the agencies will finally get their big win from congress by rushing in front of congress and TV cameras and shouting, "we could have prevented this with unfettered access to the criminal's phone!" (And I'll only give that about a 15% chance of actually being factually true.)

Second, there is absolutely nothing preventing the government from secretly compelling any US person or company to produce evidence via practically any means for a case via a National Security Letter if they can even tangentially frame the suspect as a terrorist.

I hope that eventually such an argument would sound like that using a security envelope is a sign of guilt.
I'm all for encrypted messaging, but this article seems to be almost willfully misreading the DoJ's intentions. They won't specify the case even though it's on the public record; I believe I have found it here[0].

The government's motion [1], as the article quotes, says that it "does not anticipate arguing—as Defendants claims—that Defendants 'specifically used an encrypted messaging application to evade law enforcement'". They concede that this would be irrelevant under the particular statute at issue. Instead, they argue that banning any mention of encryption is too much. They pose a couple of reasonable-sounding hypotheticals for when the encryption might be relevant. For example, "if Defendants attempt to attack the thoroughness of the Government’s investigation, the Government may need to present evidence that its investigatory avenues were limited by Defendants’ use of encrypted messaging." The article flippantly dismisses these without justification.

The judge's ruling [2] took the obvious middle path between the parties: the government can't bring up encryption as evidence of guild. If one of their hypotheticals actually happens during trial, they can approach the bench and ask to admit it then. This seems eminently reasonable to me.

[0] https://www.courtlistener.com/docket/63007873/united-states-...

[1] https://storage.courtlistener.com/recap/gov.uscourts.med.615...

[2]https://storage.courtlistener.com/recap/gov.uscourts.med.615...

> if Defendants attempt to attack the thoroughness of the Government’s investigation, the Government may need to present evidence that its investigatory avenues were limited by Defendants’ use of encrypted messaging

Because this line of reasoning would result in outcomes that are contrary to the entire legal tradition of this country? Should the government be able to charge anyone who uses Signal because they can say "well, there would be evidence but it's all encrypted"? No one is calling the judge unreasonable, it's more a commentary about aggressive prosecutors.

OP doesn't specify the case cited, so we have to take their word for details, but from the description it appears that everything was done as normal and as specified in the Constitution.

OP doesn't say if prosecutors established probable cause by other means, but doing so would let them apply to a judge for a search warrant with particulars of what they were looking for.

Most search warrants involve going through a lot of irrelevant stuff to find the relevant stuff. Defendants can move to ensure the irrelevant stuff is excluded, and a judge not the prosecutor decides. It sounds like this is exactly what is happening in this case.

Of course defendants have been trying for a long time to force prosecutors to establish guilt beyond reasonable doubt BEFORE getting access to evidence, but this goes counter to the Constitution and common sense.