In February, the IACP held a summit on Going Dark: Addressing the Challenges of Data, Privacy, and Public Safety. This summit was convened in response to a critical issue law enforcement is facing today. The law hasn’t kept pace with technology, and this disconnect has created a significant public safety problem, which we call “Going Dark.”
Law enforcement simply needs to be able to lawfully access information that has been duly authorized by a court in the limited circumstances prescribed in specific court orders—information of potentially significant consequence for investigations of serious crimes and terrorism.
The summit brought together chiefs, investigators, and subject matter experts to explore legal, technical, and operational issues associated with the issues surrounding the gathering and use of data related to communications and mobile devices.
Those of us who are charged with protecting the public aren’t always able to access the evidence needed to prosecute crimes and prevent terrorism. We have the legal authority to intercept and access communications and information pursuant to appropriate legal processes, but often lack the technological ability to do so. In other words, data and communications are “going dark” for law enforcement.
There are two overlapping challenges of Going Dark: (1) interception of real-time information from “data in motion” such as phone calls, emails, and live chat sessions and (2) access to “data at rest,” which includes data—emails, text messages, photos, and videos—stored on computers, cellphones, tablets, flash drives, and other digital devices. These challenges are becoming increasingly prevalent; more and more often, both real-time communication and stored data are being encrypted, making them inaccessible to law enforcement.
This is not about seeking broad new surveillance capabilities above and beyond what is currently authorized by the U.S. Constitution or by lawful court orders, nor are we attempting to access or monitor the digital communications of all citizens. Law enforcement simply needs to be able to lawfully access information that has been duly authorized by a court in the limited circumstances prescribed in specific court orders—information of potentially significant consequence for investigations of serious crimes and terrorism.
There are technological issues, such as the encryption capabilities that are being built into new digital devices, but there are also legal and policy issues, such as the Communications Assistance for Law Enforcement Act (CALEA), which needs to be updated to incorporate new communications technologies.
Critical investigations increasingly rely on digital evidence lawfully captured from smartphones, tablets, and other communications devices. Law enforcement’s inability to access these data—because we cannot break the encryption algorithm resident in the device, the device does not fall under CALEA, or the developer has not built the access routine—means that lives may well be at risk or lost and guilty parties remain free.
We respect the public’s right to privacy and the legal and constitutional provisions that are designed to ensure civil rights and civil liberties of citizens, but these issues surrounding the gathering and use of data related to communications and mobile devices must be addressed to ensure safety and security.
A lot of ground was covered during the summit, and everyone shared ideas for moving forward. We are now in the process of working on developing recommendations for action. We look forward to sharing these recommendations in order to better assist local, state, and federal law enforcement agencies as they address encryption issues during criminal investigations. ♦
Please cite as
Richard Beary, “Going Dark: Addressing the Challenges of Data, Privacy, and Public Safety,” President’s Message, The Police Chief 82 (April 2015): 6.