Recently I’ve heard of a few states (NY and CA, I’m looking in your direction) thinking about outright banning the sale of phones that are capable of encrypting phone contents. Specifically they claim that the state (namely the police) should have the ability to decrypt and access all the contents of your personal mobile devices (because reasons). Interestingly enough though, these two states have taken the stance of punishing the seller, not the user (this is a common theme in law). That means that Apple, Google, and Microsoft (and all other cell phone manufacturers like LG, HTC, OnePlus; and all cell phone providers like Verizon, T-Mobile, Sprint) would be unable to sell their equipment in NY and CA (or face stiff penalties of up to $2,500 in the case of CA). These penalties would be retroactive (how is that even legal???) back to January 1st, 2016. I don’t see how any of this makes any sense.
Look, I get it. Law enforcement agencies exists to arrest and subsequently convict people of crimes (under the pretense of the greater public welfare and trust). Law enforcement needs information to make their cases as air-tight as possible. Law enforcement also understands that people have their lives on their phones. Law enforcement therein made the (what I can only assume they thought to be) logical jump to say: we need complete and unrestricted access to cell phone contents. I do not see how a cell phone (and it’s contents) are not protected by the 4th Amendment of the Constitution of the United States. The police cannot just barge into your home (without a warrant) and root around for anything that might be suspected of being used in a crime. Even more than that, even if they do get a warrant it has to be very specific (at least in theory; in practice lately this does not seem to be the case, but that isn’t really in the purview of this discussion) or else the results of the search can be entered as inadmissible.
Encryption is a natural backlash to a string of perceived slights from the public by law enforcement. Encryption simply denies access to the information by anyone without the access code. The Supreme Court has recently decided that the 5th Amendment applies to your access codes to your devices. This means that if your phone is encrypted you cannot be legally coerced into providing your password. Therefore, an encrypted device would be largely inaccessible to law enforcement. I can see why they’d be bothered by this. What I can’t see is how they have any legal basis to declare that encryption is inherently bad (unless in their hands).
Encryption is your final line of defense against people who would use your mobile phone and the data therein to build a case against you (even for something you may not have initially been suspected of). You should be using it (and there are instructions later in this post about getting it done) for your own (and for your contacts) well being and protection. It also has the handy ability to make your phone a paperweight upon being stolen (most devices encrypt the bootable partitions of the device, meaning you must enter the decryption code before the device will even start up, meaning you cannot even format it or recover the device without the code.
The funny part is these laws supposedly would apply to goods purchased outside of the state and shipped in as well, but not to goods you physically purchase in another state and then transport into the other state by hand. This means you would not be able to buy an Apple phone in NY, or via Amazon shipped into NY, but you would be able to drive into NJ, buy the phone, then drive back. Are they seriously trying to kill their own tax revenues by limiting technology sales? That seems like a recipe for disaster.
All things considered: I am not surprised by NY claiming that encryption is evil and that police should have access to your data at all times.
I am, however, completely surprised (and taken aback) by CA making the same claim. I wonder how Apple and Google feel about their headquarters states now? It astounds me that a state so rife with technology can be so utterly left in the dark ages via their politics.
And if these states honestly expect Apple and Google to stop full device encryption then I think those states are definitely in for a rude awakening (assuming the bill even passes, which I doubt will happen). Apple’s CEO Tim Cook challenged this anti-encryption mentality in early 2015 with his statements: ““history has shown us that sacrificing our right to privacy can have dire consequences.” I am honestly surprised that the heads of Google and Microsoft haven’t come out with a similar statement or sentiment. Regardless I have no doubt that any company would be willing to forgo the sales in a particular state (knowing full well that someone who wants their device would just go a state over to get it).
Whatever the case may end up being one thing is clear: 2016 is going to be an interesting year for encryption technology and end user rights.
For your information: