By Dave McClure and John Roman.

Last month, Apple announced that its new operating system won’t allow the company to get past your password on a protected device, even if it is to help law enforcement.

“On devices running iOS 8, your personal data… is placed under the protection of your passcode,” Apple’s new privacy policystates. “…Apple cannot bypass your passcode and therefore cannot access this data. So it’s not technically feasible for us to respond to government warrants for the extraction of this data from devices in their possession running iOS 8.”

As of last night, Android manufacturers have announced they will do the same.

The practical implications are clear. The upside to users is that your data will be more secure. The downside is that customer support isn’t going to be much help if you forget your password.

But there are much larger public policy implications. Simply, these new policies expose big questions about the appropriate use of technology by law enforcement. Encryption will make it more difficult for law enforcement to get at information that could be important to criminal investigations, which has both upsides and downsides with respect to the tradeoff between crime fighting and civil liberties.

Here, we present both sides.

Accessing the technology

Dave: This is a graceful exit by Apple and Google’s Android from an arms race between law enforcement and privacy advocates. Someone else will eventually figure out how to provide law enforcement with access to these devices. All this changes is that it won’t be Apple or Google helping the police.

John: You’re right, but it makes crime fighting harder in important ways. For the FBI and big law enforcement agencies, some kind of workaround will probably limit the importance of these decisions, but smaller policing agencies will just walk away from some serious cases since they lack the resources to deal with encryption.

Effect on law enforcement’s ability to fight crime

John: That said, I don’t see much impact on how we fight crime. Our research suggests we can’t even process DNA to identify unknown offenders, much less hack phones to aid law enforcement investigations. We don’t use this kind of technology to do anything but prosecute known suspects (like leaders in the mafia, gangs, and drug networks), and only in a tiny number of cases.

Dave: Maybe so, but more and more, smartphones are becoming the holy grail of personal information. They’re rich sources of information on where you go, whom you talk to, what you’re interested in. Maybe smartphone data aren’t being used to their full potential now, but these new policies could make it harder to eventually add them to law enforcement’s crime-fighting arsenal. While these OS changes may not have made it completely impossible for investigators to get at those valuable data, these companies have made it more challenging by removing themselves from the process.

Effect on iCrime (smartphone robbery)

Dave: Data thieves are certainly out there, but they’ve already got sneaky methods of getting into your phone without Apple or Google’s help. If a thief is only interested in the hardware, they don’t care about accessing your data anyway; they want the phone wiped clean of any data. So there should be little effect on iCrime.

John: Actually, an important consequence of this change is that it should reduce robberies of mobile devices. This significantly changes the risk/reward of an iPhone robbery—because devices will be harder to hack, it raises the costs and reduces the benefits of stealing a device and will reduce street crime.

Public safety vs. civil liberties

John: This is simply a question for a democracy to wrestle with. Prior to 9/11, we valued civil liberties over crime-fighting more than we did post-9/11, when the pendulum swung toward law enforcement. It’s now swinging back. How far is a question voters need to answer.

Dave: Civil liberties are already supposed to be protected well before law enforcement ever reaches out to Apple or Google. The Supreme Court’s June decisions in Riley v. California and United States v. Wurie made it clear police are supposed to “get a warrant” before accessing a cell phone. These companies’ willingness (or not) to help law enforcement shouldn’t have any effect on a judge’s decision whether there is probable cause to sign a warrant. Google and Apple are just throwing-up a second barrier, whereby instead of waiting for voters to strike the balance, these companies are responding to the will of the consumer, who they believe want greater data security.

Final point

It’s not clear how big an impact these policy changes will have. Those who upload their data to the cloud can still have their data turned over in response to a warrant—those data will still be available to law enforcement, and users will have to affirmatively change their settings to prevent police access. One would expect that clever people involved in illicit activities have already done that. So at the end of the day, this could all just be about marketing.

But as technology evolves, the bigger questions are worth considering, because the day when media devices “go dark” and become completely inaccessible to law enforcement may be coming.

[divider] [/divider]

Originally posted at Metro Trends.