About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

1 1 (February 22, 2021)

handle is hein.crs/govecin0001 and id is 1 raw text is: ) n 9 February 22, 2021 Law Enforcement and Technology: the Lawful Access Debate Technological advances present both opportunities and challenges for U.S. law enforcement. For example, some developments haveincreased the quantity and availability of digitalcontent and information for investigators and analysts. Some observers say law enforcement's investigative capabilities may be outpaced by the speed of technological change, preventing investigators from acces sing certain information they may otherwise be authorized to obtain. Specifically, law enforcement officials cite strong, end-to-end encryption, or what they have called warrant-proofencryption, as preventing lawful access to certain data. Companies employing such strong encryption have stressed they do not hold encryption keys. This means they may not be readily able to unlock, or decrypt, the devices orcommunications-notevenforlawenforcement presenting an authorized search warrant or wiretap order. Front Door or Back Door Access Rhetoric around the encryption debate has focused on the notion of preventing or allowing back door access to communications or data. Many view a backdoor as the ability for an entity, including a government agency, to acces s encrypted datawithout the user's explicit authorization. However, backdoor access can be a security vulnerability. Despite this concern, a number of encrypted products and services havebuilt-in backdoors andthus can comply with law enforcement requests for information. For instance, many email service providers encrypt email communications and also maintain a key to those communications storedon their servers. This is also the case for cloud providers that maintain keys to the data stored on their servers. Strong, end-to-end encryption wheire companies do notmaintain keys, however, does not contain the same opportunities for access. Also, unintended back doors, orvulnerabilities, may be discoveredby technology companies, security researchers, government investigators, malicious actors, or others. Law enforcement contends that they wantfront door access, where there is a clear understanding of when they are acces sing a device, as the notion of a backdoor sounds secretive. This front door could be opened by whomever holds the key once investigators have demonstrated a lawful basis for access, such as probable cause that a crime is being committed. Whether front or b ack, however, building in an encrypted door that can be unlocked with a key-no matter who maintains the key-adds a potential vulnerability to exploitation by hackers, criminals, and other malicious actors. Researchers have yetto demonstrate how it would be possible to create a door that could only be accessed in lawful circumstances. CALEA The simultaneous opportunities and challenges that evolving technology present to law enforcementhave received congressional attention for several decades and have been a centralpoint of contention between law enforcement and technology companies. The 1990s brought concerns that digital and wireless communications made it more difficult for law enforcement agencies to execute authorized surveillance. In response, Congress passedtheCommunications Assistance for Law Enforcement Act (CALEA; P.L. 103-414) to help law enforcement maintain its ability to execute authorized electronic surveillance. Among other things, CALEA requires thattelecommunications carriers assist law enforcement in efforts to intercept electronic communications for which it has a valid court order to cany out. There are several noteworthy exceptions to this requirement: Law enforcement cannotrequire (orprohibit) providers of wire or electronic communications services (as well as manufacturers of equipment and providers of support services) to implementspecific design of equipment, facilities, services, features, or systemconfigurations. In other words, they cannotrequire providers to build in access points. Telecommunications carriers are not responsible for decrypting any encrypted communications (or ensuring that the government has the ability to do so), unless the company already has the ability to do so. CALEA applies to telecommunications carriers but specifically does not apply to information services such as websites and internet service providers. (Notably, the Federal Communications Commis sion administratively expanded CALEA's requirements to also apply to certain broadband and Voice over Internet Protocol [VoP] providers.) Proposed expansions of CALEA generally fall into two broad categories. Some proposedexpansions may broaden the range of communications or information service providers covered by CALEA. Some have been interested in making CALEA more technology neutral, such that it could, given therapidly changing technology landscape, apply to a wider range of communications or information service providers. Otherexpansions may broadenthe requirements placed on telecommunication carriers-such as maintaining the ability to decrypt communications- placed on entities coveredby CALEA.

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most