Wednesday, October 01, 2014
Departing US Attorney General warns of danger to people if tech companies go to far in blocking cops from encrypted cloud data; could government search "private data" this way?
Attorney General Eric Holder (who is leaving office) said that tech companies need to leave cloud data open to police, at least when with proper warrants, in response to stories that Apple and other companies can design encryption that won’t even be broken under warrants.
The online “Switch Blog” story in the Washington Post by Craig Timberg is “Holder urges tech companies to leave device backdoors open to police”, link here. In print today, p. A14, the title was more alarmist, “Holder says encryption may aid kidnappers, abusers.” The story appears to follow an earlier one in the Post Sept. 18.
Much of the concern would be about child pornography and sex trafficking, but it could compass criminal or terrorist kidnapping of ordinary citizens.
It is probably possible for the government to search (without warrants) cloud backups more than 180 days old for “digital hash” matches to known images of child pornography (from NCMEC), just as Google has started doing with gMail attachments. I haven’t heard that this has actually happened. But illegal content found in a Cloud account, however private, would still legally imply a "possession" offense (as with c.p.).
Very disturbing could be the idea of subpoena of cloud data to look for copyright infringement in civil cases, where the copies are still private and have never been “published” online but only kept for private use. Normally lawsuits for illegal downloads in the past happened by spying on direct P2P networks, not clouds.