Mobile phone encryption and security has hit the headlines again both in the UK and the US as law enforcement agencies seek ways to break the phone’s encryption in order to access data and information.
But where does this take us with regards to mobile security and privacy in the future? Will manufacturers be required to create “backdoors” to provide access without the need of passwords or pin numbers? What will it mean if they do create the backdoor access points to a mobile phone? There are so many questions, so here we’d like to discuss these points and you can decide which you feel is the best way forward.
What is an encryption backdoor? Essentially the backdoor is a software entry point that bypasses the mobile phones encryption and security allowing access to all the mobile phone or tablet’s data and information. It is highly contentious as many security experts believe that such an access point dramatically weakens the strength of the mobile security and privacy and therefore could be used not only by the law enforcement agencies but also criminals. On the flip side, some believe that by offering a mobile device that cannot be hacked, it provides a safe haven to the criminals as they can communicate without fear of disclosure.
Mobile phone security and privacy in the UK
In the UK, Police Scotland have recently invested half a million pounds developing a suite of computers to give them the ability to access certain information and data held on a mobile phone or tablet without the need of a password. They say that the devices they will be working on are encrypted, but they will only be used on phones or tablets that have either been voluntarily submitted or have been captured as part of a judicial warrant.
However, questions have been raised about the legality of breaking a mobile phone’s encryption to gain access and if it breaches a person’s privacy rights. There was also the question as to whether this technology complies with European Law. Police Scotland have stated that these issues have been addressed and even the Crown Office have stated that there is a legal basis for the computers to gain access to the mobile devices.
Mobile phone security and privacy in the US
In the US, the F.B.I. have requested Apple’s help in gaining access to two iPhones in the wake of the shooting at a US Navel Base in Pensacola. This has opened fresh debate about mobile phone security, privacy and encryption as Apple have stated that they simply do not have the means by which to break their encryption. Apple say the only way that access would be possible would be to have the backdoor created in the system, but that would compromise the overall integrity of the mobile phone encryption and security. In response, the F.B.I. have continued to state that they are not asking for a backdoor to be built into the Apple system, just access to these two iPhones.
What next for mobile encryption and security?
It can be seen that there is still a large debate going on as to the merits and pitfalls for total mobile encryption verses access for legal purposes. Both in the UK and US, many believe the only way that a backdoor option would become a reality would be if Governments legislate that they must be included in the development of the mobile phone. Others believe that is would be an infringement on the civil privacy rights of people. Clearly, this will be a long way off, if ever, happening as the backlash would likely be huge.
But what do you think? Where do you stand on mobile privacy and security verses the ability of law enforcement agencies being able to access devices in cases of serious criminality?
We would be interested in hearing your thoughts: @BlackphoneUK.