I entirely agree that the information could be accessed by targeting Apple (or, likely, Skype) to access information either retroactively or going forward.
But, one thing that did strike me as potentially an issue for LEAs after reading the memo: given that communications aren't uniformly going through a single point that can ID communications (i.e. the carrier doesn't seem to know if you're using iMessage, or skype messages, or whatever) then LEAs might be in a situation of having to send requests for data to a host of communications service providers (Apple, Skype, etc). Should this be the case, then the fragmentation of what used to be 'carrier-owned' communications environment (i.e. SMS/MMS) could pose a problem. This problem is made worse for non-American LEAs, on the basis that many of the mechanisms to get Facebook, Google, or Apple to disclose information depends either on corporate quasi-judicial evaluations of court orders (e.g. is a Canadian warrant for X sufficiently close to a US warrant for us to decide to disclose data, outside of the MLAT process) or going through MLATs. This isn't an argument for centralizing communications at a single point to make things easier for LEAs. However, if carriers are presently unable to tell LEAs what communications service providers their customers are using to communicate then I can image legislative or regulatory proposals to 'resolve' this 'problem'. Specifically, such solutions could require carriers to monitor communications flows to know what their subscribers use to communicate, on the basis of potential LEA needs in the future. I imagine that such political maneuverings could/would be spun as being 'privacy protective', insofar as security officials could maintain that 'we don't want to know who you're talking to, or what you're saying, just how you're saying it'. (Note, that my musings aren't meant as endorsement of such regimes, but instead thinking through a possible implication of the 'leaked' memo for carriers and citizens in democratic Western states.) ~Chris ********************************************* Christopher Parsons Doctoral Candidate Political Science, University of Victoria http://www.christopher-parsons.com ********************************************** On 9 April 2013 09:44, Andrés Leopoldo Pacheco Sanfuentes <alps6...@gmail.com> wrote: > There you go. The same beef with Skype - encrypted communications, but > Skype retains the encryption keys (assuming it works the same under > Microsoft ownership), so a no-no for privacy/security-minded > organizations and individuals. > Best Regards | Cordiales Saludos | Grato, > > Andrés L. Pacheco Sanfuentes > <a...@acm.org> > +1 (817) 271-9619 > > > On Tue, Apr 9, 2013 at 10:52 AM, Wayne Moore <wmo...@stanford.edu> wrote: >> Some people think this is an elaborate troll. Not a Mac user so I can't >> really evaluate this and as I understand it the actual details of the >> iMessage implementation are not known publicly anyway. >> >> https://www.techdirt.com/articles/20130405/01485922590/dea-accused-leaking-misleading-info-falsely-implying-that-it-cant-read-apple-imessages.shtml >> >> Basically the claim is that Apple retains the encryption keys so that >> while it is true as they say in the "leak" that they can't get the data >> from the carriers even with a court order, they could get it by going to >> Apple. >> >> On 4/8/2013 14:31, fr...@journalistsecurity.net wrote: >>> I imagine people here might have thoughts about this. Comes from a >>> Texas-based, civil liberties-oriented blog. >>> >>> Encryption for cloud communications may best protect Fourth Amendment >>> rights >>> via Grits for Breakfast by Gritsforbreakfast on 4/6/13 >>> >>> http://gritsforbreakfast.blogspot.com/2013/04/encryption-for-cloud-communications-may.html >>> >>> Says readwrite mobile: >>> With government requests for personal data on the rise, there are few >>> guarantees in place that you or I won't have our private communications >>> snooped through. Since the Fourth Amendment hasn't yet caught up with >>> the lightning fast pace of technological change, some of the best >>> privacy protections are often the ones implemented by tech companies >>> themselves. >>> Well put. The comment comes in response to a DEA complaint that >>> encryption on the Apple iPhone's chat services made them indecipherable, >>> even with a warrant. Continued writer John Paul Titlow: >>> By architecting iMessage the way it did, Apple created a messaging >>> protocol more secure and private than standard text messages, which is >>> how millions of people communicate every day. As we fire those texts >>> back and forth, we're all creating a digital trail that can be snooped >>> upon or hacked more easily than we care to think about. But if they're >>> being and sent and received from iPhones running iOS 5 or later, those >>> messages are invisible to wiretaps by law enforcement or other prying >>> eyes. >>> >>> Apple didn't have to build iMessage with end-to-end encryption. Gmail >>> isn't encrypted this way, nor are the Facebook messages that are >>> increasingly used like texts on mobile devices. Clearly, SMS text >>> messages aren't particularly well-secured either. Whether winning >>> privacy points was its motivation or not, Apple definitely racks up a >>> few for this. >>> Legislation like Texas Rep. Jon Stickland's HB 3164 to require warrants >>> to access electronic communications is one way to protect privacy for >>> third-party facilitated communications, but a far more effective one >>> would be if Gmail, Facebook, and other major providers encrypted user >>> messages. Those companies may or may not have an economic incentive to >>> do so, but they're arguably in a better position in many cases than >>> legislatures or the courts to protect privacy and Fourth Amendment >>> rights. >>> >>> Frank SmythExecutive DirectorGlobal Journalist >>> Securityfrank@journalistsecurity.netTel. + 1 202 244 0717Cell + 1 202 >>> 352 1736Twitter: @JournoSecurityWebsite: www.journalistsecurity.netPGP >>> Public Key >>> -- >>> Too many emails? Unsubscribe, change to digest, or change password by >>> emailing moderator at compa...@stanford.edu or changing your settings at >>> https://mailman.stanford.edu/mailman/listinfo/liberationtech >> >> -- >> Necessity is the plea for every infringement of human freedom. >> It is the argument of tyrants; it is the creed of slaves. >> >> William Pitt (1759-1806) >> >> -- >> Too many emails? Unsubscribe, change to digest, or change password by >> emailing moderator at compa...@stanford.edu or changing your settings at >> https://mailman.stanford.edu/mailman/listinfo/liberationtech > -- > Too many emails? Unsubscribe, change to digest, or change password by > emailing moderator at compa...@stanford.edu or changing your settings at > https://mailman.stanford.edu/mailman/listinfo/liberationtech -- Too many emails? Unsubscribe, change to digest, or change password by emailing moderator at compa...@stanford.edu or changing your settings at https://mailman.stanford.edu/mailman/listinfo/liberationtech
