By Chimdi Alagor
In the past month, both Google and Apple announced that the next generation of their operating systems, Android L and iOS 8 respectively, will encrypt information on cell phones automatically. As soon as you create a passcode for your device running iOS 8 or the soon to be released Android L, the data on your phone becomes encoded, and can only deciphered when your passcode is entered. This encryption makes your phone more secure and more difficult for hackers, thieves, and even the police to unlock and view the information on your phone.
What makes this move by Google and Apple so monumental is that after you make your passcode, the companies cannot access this code. Previously, if you forgot your password, or if the police obtained a search warrant, the companies could access your passcode and give it to help you or the police unlock your phone. By taking away their ability to unlock your phone, Google and Apple have made it impossible for the police to access information on the phone without your permission… even if they have a court-sanctioned warrant. To better understand the way this encryption works, Jonathan Zdziarski, a security researcher, suggests looking at the system like a series of lockers. Google and Apple used to have at least one of these lockers open in order to obtain information like call history and notes, when directed to do so by the police. Zdziarski states that now the two companies have essentially said: “We’re using a locker that actually has a combination on it, and if you don’t know the combination, then you can’t get inside. Unless you take a sledgehammer to the locker, there’s no way to get to the files” (NY Times: “Signaling Post-Snowden Era, New iPhone locks out NSA”). Now all of these lockers are closed using a combination that neither company keeps in its possession, meaning that the companies could not give your passcode to the police even if they wanted to.
When looking at this change in the Apple and Google privacy policy, one could easily see it as a direct attack on the United States government in response to the NSA cyber espionage programs revealed by Snowden, as government security agencies have done. However, this line of thought should be reconsidered when paying more attention to the effects of creating a lawful intercept, or “backdoor”, for the government in iOS and Android. Apple and Google could easily create a backdoor that allows the police to access data on phones with a warrant, but this would defeat the entire purpose of the encryption. By creating a backdoor, the companies would not only be providing an entryway into a cell phone for the police, but also one for hackers, thieves, and others with malicious intentions. There is no way to keep the good people in, and the bad people out. Another thought to consider is the fact that Apple and Google devices are used in many countries around the world, and not all of them might want to view the data on a citizen’s phone for security reasons, and the country’s greater good.
Although the encryption on Google and Apple devices will make it harder for the police to access information on your phone, don’t fall into the trap of thinking that all the information on your phone is invisible to the law. Most Androids and all iPhones back up your phone’s information on cloud based services like iCloud and Google Plus/Drive, and this information must be handed over to the police with a warrant. So if you have iCloud on, the police can still see all the notes, pictures, and videos created on your phone. Even if you have gone out of your way to disable iCloud, the police can still go to phone carriers and access your text messages, location info, call history, and wiretap phone calls. So just because your phone data is encrypted, doesn’t mean that anything you do on your phone cannot be seen by law enforcement.