Over the past couple of months, the word encryption has been thrown around a lot in the media, specifically in terms of mobile encryption. With stories of the FBI requesting a back door to Apple phones being headline news, could we be seeing the end of mobile encryption?
Before we get into the events of the past couple of months lets go over what phone encryption actually is. Encryption on your phone works by storing your data in an unreadable form. When you turn your phone on you then enter your password, pin or scan your fingerprint, this then decrypts your phones data for you allowing you to read it. This also occurs on apps, with individual apps encrypting their data
In January of this year, a California state legislator proposed a bill that would ban the retail of smartphones with full-disk encryption, meaning that all the data on the device is encrypted and can be only read by you. This bill was proposed after a similar proposal was announced by a New York State assembly. The intent of both bills was to be able to access the phones of criminals or victims, these bills have become even more prolific after the FBI-Apple dispute.
The dispute started when the FBI asked Apple to unlock the iPhone of one of the 2015 San Bernardino attack perpetrators. Between 2015 and 2016 Apple received at least 11 orders from the FBI “to use its existing capabilities to extract data like contacts, photos and calls from locked iPhones running on operating systems iOS7 and older” for the use in criminal investigation. There were other requests that desired Apple to “design new software to let the government circumvent the device’s security protocols and unlock the phone”. Apple later refused to make a ‘backdoor’ for the iPhone saying that such a thing would leave their phones and customers data vulnerable to hackers, stating:
In late March of 2016 the FBI delayed a court hearing with Apple on the grounds that they had found a third party company to unlock the phone, 5 days later they announced that the third party had helped it unlock the phone and closed their case against Apple. Many tech groups are also expecting the FBI to release how they got into the phone in the weeks to come with an Apple patch to quickly follow.
The big question is, is this the first step towards unencrypted phones? Well, not entirely. There have been many proposed bills and laws that have stated that they wish to ban certain types of encrypted data on phones but none of them have actually been put into force. In the UK as well there have been proposed bands on encrypted communication services such as WhatsApp and Snapchat. Such laws have probably not come into force due to the large scale and time for them to implemented, with tech companies having to redesign devices and software. WhatsApp have also revealed that they are adding end-to-end encryption to their app meaning that every part of the application is encrypted.
From my research I have come to see that banning encryption is something that governments around the world want, to help them get into the devices of criminals or of victims but software developers, phone manufacturers and consumers still want encryption on their devices to keep their data safe. I feel like the topic of encryption is going to be discussed many times over the following months due to the FBI-Apple case and proposed laws and bills, but I feel like the consumer is going to come out as the winner. Even if tech companies manage to create a back door that authorities can access easily but can’t be hacked then the end user still comes out on top. Some of the big names in tech such as Microsoft also backed Apple in their case against the FBI saying that encryption is a great way of keeping consumers’ data safe, without encryption on certain devices consumers are probably going to be less inclined to buy specific devices. I believe that encryption is going to be around for a while yet as no clear solution has been found on how you can protect users’ data whilst easily giving access to authorities to look at it.
By Sam Tutt on April 6th, 2016