About | HeinOnline Law Journal Library | HeinOnline Law Journal Library | HeinOnline
LOG IN
LOG IN

1 1 (January 16, 2024)

handle is hein.crs/govenzw0001 and id is 1 raw text is: Con re &on I flesedrch Service horniig Aecji ivede a~m 'e1914 0 Updated January 16, 2024 Law Enforcement and Technology: the Lawful Access Debate Technological advances present both opportunities and challenges for U.S. law enforcement. For example, some developments have increased the quantity and availability of digital content and information for investigators and analysts. Some observers say law enforcement's investigative capabilities may be outpaced by the speed of technological change, preventing investigators from accessing certain information they may otherwise be authorized to obtain. Specifically, law enforcement officials cite strong, end-to-end encryption, or what they have called warrant-proof encryption, as preventing lawful access to certain data. Companies employing such strong encryption have stressed they do not hold encryption keys. This means they may not be readily able to unlock, or decrypt, the devices or communications-not even for law enforcement presenting an authorized search warrant or wiretap order. Front Door or Back Door Access Rhetoric around the encryption debate has focused on the notion of preventing or allowing back door access to communications or data. Many view a back door as the ability for an entity, including a government agency, to access encrypted data without the user's explicit authorization. However, back door access can be a security vulnerability. Despite this concern, a number of encrypted products and services have built-in back doors and thus can comply with law enforcement requests for information. For instance, many email service providers encrypt email communications and also maintain a key to those communications stored on their servers. This is also the case for cloud providers that maintain keys to the data stored on their servers. Strong, end-to-end encryption where companies do not maintain keys, however, does not contain the same opportunities for access. Also, unintended back doors, or vulnerabilities, may be discovered by technology companies, security researchers, government investigators, malicious actors, or others. Law enforcement contends that they want front door access, where there is a clear understanding of when they are accessing a device, as the notion of a back door sounds secretive. This front door could be opened by whomever holds the key once investigators have demonstrated a lawful basis for access, such as probable cause that a crime is being committed. Whether front or back, however, building in an encrypted door that can be unlocked with a key-no matter who maintains the key-adds a potential vulnerability to exploitation by hackers, criminals, and other malicious actors. Researchers have yet to demonstrate how it would be possible to create a door that could only be accessed in lawful circumstances. CAL EA The simultaneous opportunities and challenges that evolving technology present to law enforcement have received congressional attention for several decades and have been a central point of contention between law enforcement and technology companies. The 1990s brought concerns that digital and wireless communications made it more difficult for law enforcement agencies to execute authorized surveillance. In response, Congress passed the Communications Assistance for Law Enforcement Act (CALEA; P.L. 103-414) to help law enforcement maintain its ability to execute authorized electronic surveillance. Among other things, CALEA requires that telecommunications carriers assist law enforcement in efforts to intercept electronic communications for which it has a valid court order to carry out. There are several noteworthy exceptions to this requirement: * Law enforcement cannot require (or prohibit) providers of wire or electronic communications services (as well as manufacturers of equipment and providers of support services) to implement specific design of equipment, facilities, services, features, or system configurations. In other words, they cannot require providers to build in access points. * Telecommunications carriers are not responsible for decrypting any encrypted communications (or ensuring that the government has the ability to do so), unless the company already has the ability to do so. * CALEA applies to telecommunications carriers but specifically does not apply to information services such as websites and internet service providers. (Notably, the Federal Communications Commission administratively expanded CALEA's requirements to also apply to certain broadband and Voice over Internet Protocol [VoIP] providers.) Proposed expansions of CALEA generally fall into two broad categories. Some proposed expansions may broaden the range of communications or information service providers covered by CALEA. Some have been interested in making CALEA more technology neutral, such that it could, given the rapidly changing technology landscape, apply to a wider range of communications or information service providers. Other expansions may broaden the requirements placed on telecommunication carriers-such as maintaining the ability to decrypt communications- placed on entities covered by CALEA.

What Is HeinOnline?

HeinOnline is a subscription-based resource containing thousands of academic and legal journals from inception; complete coverage of government documents such as U.S. Statutes at Large, U.S. Code, Federal Register, Code of Federal Regulations, U.S. Reports, and much more. Documents are image-based, fully searchable PDFs with the authority of print combined with the accessibility of a user-friendly and powerful database. For more information, request a quote or trial for your organization below.



Short-term subscription options include 24 hours, 48 hours, or 1 week to HeinOnline.

Purchase Access

Contact us for annual subscription options:

Contact Us

Already a HeinOnline Subscriber?

Log In

profiles profiles most