Surveillance

"Law Enforcement Has Access to So Much More Data Now That It Makes Up for Losses Due to Encryption"--Unpacking This Claim

By Herb Lin
Tuesday, December 22, 2015, 10:08 AM

Today’s New York Times reports that Apple is pushing back on British demands for back doors to encrypted information in part by arguing that “Law enforcement today has access to more data — data which they can use to prevent terrorist attacks, solve crimes and help bring perpetrators to justice — than ever before in the history of our world.”

This is a common assertion by back-door opponents, and it is worth unpacking.  At the core of the assertion is an undeniable element of truth—the volume of data available today in aggregate and on a per capita basis is enormously larger.

For example, Cisco notes that “in 1992, global Internet networks carried approximately 100 GB of traffic per day. Ten years later, in 2002, global Internet traffic amounted to 100 gigabytes per second (GBps). In 2014, global Internet traffic reached 16,144 GBps.”  Similar growth rates can be seen in per capita usage, with 2014 seeing 6 GB per capita per month compared to 1 GB per month in 2008. 

In addition, the different types of data are numerous.  It’s not just the content of a phone conversation—these data types include text and instant messages, internet search history, location information from cell phones, email, online purchases, video surveillance records, metadata regarding who was involved in a conversation and when it took place and how long it lasted, and on and on. 

And so, the argument goes, even if some content information is unavailable because of encryption to law enforcement authorities, the volume of other data that is available more than makes up for it, relative to the comparable situation 10 or 20 years ago.

For the most part, I accept this argument.  But I caution that there are two wrinkles in it that worry me.  First, a large part of the volume increase comes from the fact that today’s traffic is much more image- and video- based than in the past.  The amount of Shannon information (i.e., the number of bits) in a record of a video chat is enormously larger than that in an exchange of instant messages, but they may be equally useful in terms of the information they provide to law enforcement.  In other words, much of the increase in the volume of information may simply be irrelevant from the standpoint of law enforcement authorities.

Second, and relatedly, the argument assumes—without justification—that all types of information are equally relevant to a law enforcement investigation.  It is certainly true that investigators will try to use all types of information available to them, but that does not necessarily mean that all of those types are equally relevant.  In some cases, location information may be more relevant than the content of text messages, and in other cases, the reverse may be true.

Here, both the back-door advocates and the back-door opponents have been silent.  Back-door advocates need to make an argument for why—on average and in general—certain kinds of information (that would be unavailable because of encryption) are more important than other kinds of information that would be available.  And no, one or two cherry-picked example cases will not be sufficient here.  I want to see that study.

And back-door opponents need to make an argument for why—on average and in general—a bit is a bit, regardless of the type of information it is representing, if they want to continue making the argument that the large amount of data available today makes up for informational losses due to encryption.  My own instinct is that on this point, the back-door opponents are more likely to be right—that on average and in general, all kinds of information are about equally useful, though that’s obviously not true in specific cases.  But I wish I had more than my own instinct to rely on here.