Skip to main content
banner image
venafi logo

Is Mobile Encryption Really an Urgent Public Safety Issue?

Is Mobile Encryption Really an Urgent Public Safety Issue?

mobile encryption
January 23, 2018 | David Bisson

The Federal Bureau of Investigations has responded to what it's called the "urgent public safety issue" of mobile encryption by calling Apple a bunch of "jerks."

At the FBI International Conference on Cyber Security in Manhattan, senior FBI forensic expert Stephen R. Flatley lashed out at the technology giant for being "pretty good at evil genius stuff."

Flatley's full remarks are currently unavailable, so it's difficult to impute motivation to the expert's comments.

Even so, his condemnatory words appear to relate back to the belief widely held by the Bureau that mobile encryption used by Apple and other tech companies hinder investigators' work.

FBI Director Christopher Wray has himself made that sentiment clear.

Presenting at the FBI conference in New York, Director Wray explained how investigators were unable to access data from nearly 7,800 devices in the fiscal year that ended on 30 September 2017. The agents had the legal authority to access the devices, he noted. However, they were unable to open them due to the use of encryption on those phones.

Director Wray therefore feels mobile encryption is a big problem for the FBI:

"While the FBI and law enforcement happen to be on the front lines of this problem, this is an urgent public safety issue for all of us. Because as horrifying as 7,800 in one year sounds, it’s going to be a lot worse in just a couple of years if we don’t find a responsible solution.

The solution, I’ll admit, isn’t so clear-cut. It will require a thoughtful and sensible approach, and may vary across business models and technologies, but—and I can’t stress this enough—we need to work fast."

The FBI has been dealing with this "urgent public safety issue" for years now. According to Naked Security, it started back in September 2014 when Apple launched iOS 8 and announced it could no longer access data on an encrypted device. That stance helped produce the infamous encryption dispute between the FBI and Apple over unlocking one of the San Bernardino shooter's iPhones in early 2016, along with similar incidents where investigators raised the call for backdoors in order to access malicious actors' encrypted data.

Once again, the FBI and other government actors miss the point that encryption doesn't just benefit malicious actors. Here's Matt Pascucci on the matter:

"Yes, there are malicious people using encryption for illegal acts and there will always be individuals bending technology for their own mischievous purposes. This, however, doesn’t mean we should remove the ability to protect ourselves and is exactly the reason why putting a backdoor into encryption is a bad idea.

There are exponentially more people using encryption to protect themselves and their privacy from being subjected than those looking to harm others. We put bolt locks on doors to keep out those we don’t want to enter. If criminals are using bolt locks to prevent law enforcement from entering, it’s not the lock’s fault."

Creating encryption backdoors to help solve the FBI's "Going Dark" problem ultimately creates more risk for ordinary users than it helps investigators catch criminals.

With that said, organizations need to realize that malicious actors are increasingly using encryption to carry out their criminal activities. They should therefore make an effort to continuously monitor their keys and certificates lest bad actors abuse their encryption infrastructure for nefarious purposes.

Gain complete visibility over your keys and certificates with Venafi TrustAuthority.

Related blogs

Subscribe to our Weekly Blog Updates!

Join thousands of other security professionals

Get top blogs delivered to your inbox every week

See Popular Tags

You might also like

man shrugging his shouldders, torso shot, dressed in business attire

Jury Out on Whether Reducing Certificate Lifetimes Would Actually Improve Security

Elizabeth Warren image Corporate Executive Accountability Act

Can Encryption Save Execs from Blame in Breaches? [Ask Infosec Pros]

Why Encryption Should Be the Next Step in Operationalizing GDPR Compliance

Why Encryption Should Be the Next Step in Operationalizing GDPR Compliance

About the author

David Bisson
David Bisson

David is a Contributing Editor at IBM Security Intelligence.David Bisson is a security journalist who works as Contributing Editor for IBM's Security Intelligence, Associate Editor for Tripwire and Contributing Writer for Gemalto, Venafi, Zix, Bora Design and others.

Read Posts by Author
get-started-overlay close-overlay cross icon
get-started-overlay close-overlay cross icon
Venafi Risk assessment Form Image

Sign up for Venafi Cloud


Venafi Cloud manages and protects certificates



* Please fill in this field Please enter valid email address
* Please fill in this field Password must be
At least 8 characters long
At least one digit
At last one lowercase letter
At least one uppercase letter
At least one special character
(@%+^!#$?:,(){}[]~`-_)
* Please fill in this field
* Please fill in this field
* Please fill in this field
*

End User License Agreement needs to be viewed and accepted



Already have an account? Login Here

×
get-started-overlay close-overlay cross icon

How can we help you?

Thank you!

Venafi will reach out to you within 24 hours. If you need an immediate answer please use our chat to get a live person.

In the meantime, please explore more of our solutions

Explore Solutions

learn more

Email Us a Question

learn more

Chat With Us

learn more
Chat