Smartphone Encryption: Protecting Victim Privacy While Holding Offenders Accountable

By Kaofeng Lee, National Network to End Domestic Violence  

The last few months have seen heated debates between law enforcement and technology companies over the issue of smartphone encryption. The government has argued that encrypted devices and new technologies make it more difficult for law enforcement to investigate crimes while technology companies claimed that weakening encryption weakens security for everyone. Currently, Congress is drafting a bill that would require technology companies to make encrypted data readable, and several state legislatures have introduced legislation to block the sale of encrypted smartphones.

At the core of the encryption debate is the concept of privacy and technology security. Technology nowadays – in particular the smartphone – collect and store an unprecedented amount of private information, including personal health data, access to online accounts (such as social media and email), videos and pictures, and so much more. Some of this information can be especially private and something a user may not want others – a friend or family member, an abusive partner, or an employer – to know about. For those individuals, the security on their smartphone can enhance or strip away that privacy.

Through the Safety Net Project at the National Network to End Domestic Violence, we have been addressing the intersection of technology and violence against women for over 15 years, and have trained more than 80,000 victim advocates, police officers, technologists, and other practitioners. In looking at how technology can be misused to facilitate stalking and harassment and how survivors can use their technology to attain safety, privacy is a recurring and fundamental component.

For victims of domestic violence, sexual assault, and stalking, privacy and data security are integrally connected to their safety. A survivor’s smartphone is their lifeline; yet their smartphone can also be incredibly vulnerable to misuse by an abuser. A survivor’s smartphone is often one of the first things an abuser will target simply because of the amount of information on there. If they can compromise the victim’s smartphone, they have access to all phone calls, messages, social media, email, location information, and much more. For these reasons, smartphone security and encryption is essential to safeguarding the privacy of victims’ personal information.

The other side of the encryption debate is the ability for law enforcement to hold offenders accountable, which is something we also strongly support. When abusers misuse technology to threaten and terrorize, investigators can trace the digital trail to discover and prove who committed the crime.

While law enforcement should not be impeded in their ability to investigate a crime, it’s important to recognize that smartphone encryption does not prevent law enforcement from doing an investigation of technology-facilitated domestic violence, sexual assault, and stalking. In these types of crimes, the goal of the perpetrator is to wield power and control over the victim by controlling the victim’s technology, harassing the victim through messages or phone calls, monitoring their activity, or disseminating harmful and devastating rumors about the victim. It is often an interaction between the victim and perpetrator through a third party, and digital evidence or proof of this harassment and abuse could exist elsewhere: on the victim’s own devices or an online platform (Facebook, email, etc.).

There may be circumstances in which evidence only exists on the perpetrator’s device. This could be the case in a sexual assault, for example, in which the perpetrator recorded or took videos of the assault on his/her device and has not yet shared them or posted them publicly. In situations such as this, unless the videos or photographs were uploaded online or backed up, the evidence may not be anywhere but on the perpetrator’s smartphone.

In most cases, however, it is possible for law enforcement to successfully investigate and build a domestic violence and sexual assault case without needing the perpetrator’s smartphone. For example, evidence of harassment via emails, texts, or social media will also exist on other technology platforms. If the abuser purchased monitoring software or is tracking the victim through a paid service, there might be financial records. In some cases, the survivor may have access to some of the evidence that might be needed. While survivors should never be in the position of having to investigate their own crimes, they are often in the best position to know what’s happening, and they should be involved and part of the process.

BALANCING VICTIM PRIVACY AND OFFENDER ACCOUNTABILITY

Ultimately, for survivors of domestic violence, sexual assault, and stalking, the smartphone encryption issue comes down to balancing victim privacy and offender accountability. Both are equally important but neither should be compromised for the other. Victim privacy is fundamental to victim safety, and the technologies survivors use should have the most security and encryption possible.

It’s also important to recognize that weakening smartphone encryption to allow law enforcement access means weakened encryption—period. If an abuser is technologically savvy or is in law enforcement, their victim may have less privacy and security on their smartphones. There is no professional immunity to those who commit violence against women, and perpetrators of domestic and sexual violence work in all fields, including technology companies and law enforcement agencies.

We believe it is possible for law enforcement to investigate technology-facilitated domestic violence, sexual assault, and stalking crimes, without compromising victim privacy through weakened smartphone encryption. Law enforcement, federal funders, technology companies, and the victim advocate community need to come together to figure out how to support survivors and help them be safe while also holding offenders accountable.

Instead of finding ways to get around smartphone encryption, law enforcement agencies deserve and need far more resources to investigate crimes facilitated through technology. Law enforcement should be given more information and tools so they not only know how technology is misused to facilitate crime, but all the different places where the evidence could exist, and the proper process and method on gathering this evidence. A good, thorough investigation of technology-facilitated domestic violence, sexual assault, and stalking goes beyond examining a perpetrator’s encrypted smartphone.

At our annual Technology Summit, we ensure that there are sessions geared specifically for law enforcement professionals, so they can take this knowledge back to their communities. We’ve worked with other national organizations, such as the International Association of Chiefs of Police, to develop articles to share this knowledge with law enforcement. Despite 15 years of addressing this issue, however, we still hear from survivors and their advocates that thorough investigation of technology-facilitated crimes is not happening consistently across the country. Rather than proposing legislation requiring access to encrypted data on a smartphone or banning encrypted smartphones, we encourage legislators and advocacy groups to look at what is actually needed to fully investigate these crimes and to truly address what law enforcement can do to hold offenders accountable.

 

Reprinted with permission from author Kaofeng Lee at the National Network to End Domestic Violence. Click here for the original text

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s