During its recent conflict with Apple over its refusal to help the FBI unlock iPhones, the U.S. Department of Justice dismissed the company’s claims to be defending customer privacy as a “marketing strategy.” Whatever Apple’s motivations, its eventual victory after the FBI backed down certainly didn’t hurt its public image. But it’s not the only company whose business stands to gain from the rift between the government and tech companies over encryption.
The FBI dropped its assault on Apple after an unnamed third party showed the agency how to hack into the iPhone at the heart of the case. Companies that sell hacking tools and services to governments and law enforcement can probably expect business to pick up significantly over the coming months.
News that WhatsApp, owned by Facebook, has now upgraded the encryption protecting the messages of its one billion users could also help drum up new business for the law enforcement hacking trade. The company will no longer be able to decrypt any of the 40 billion messages sent via WhatsApp each day. If cops want to read someone’s messages, they will need to get into their phone.
During Apple’s recent conflict with the FBI, many security experts have said that rather than compel Apple to unlock the San Bernardino shooter’s iPhone, the bureau should try to unlock it themselves by any means necessary, including enlisting contractors who build hacking tools. But there are well documented and undesirable side effects to the hacking tools trade.
One company the FBI has done business with, called Hacking Team, provides a good example. It offers software for hacking phones and computers and has worked with multiple U.S. agencies. But Hacking Team’s wares have also been used by other government and law enforcement clients to suppress political opponents and journalists.
Groups such as the ACLU that have been firm in their support of Apple’s stance on encryption have cautioned in the past that tools like those offered by Hacking Team are trickling down to local law enforcement, and that new surveillance technologies are almost inevitably abused. They point to the recent explosion in the use of “stingrays,” which intercept cellular calls and messages, and which have been widely deployed by local police and sheriffs without warrants.
Legislation was already needed to define and restrict the ways that law enforcement can use hacking tools. It is needed even more urgently now that Apple, WhatsApp, and the FBI have put the spotlight not only on the ways encryption shuts the cops out, but also the companies they enlist to help them get into devices anyway.