Law enforcement is increasingly facing challenges due to the phenomenon of “warrant-proof” encryption. Service providers, device manufacturers, and application developers are deploying products and services with encryption that can only be decrypted by the end user or customer. Because of warrant-proof encryption, the government often cannot obtain the electronic evidence and intelligence necessary to investigate and prosecute threats to public safety and national security, even with a warrant or court order. This provides a “lawless space” that criminals, terrorists, and other bad actors can exploit for their nefarious ends.
On August 27, 2019, in North Canton, Ohio, an undercover police officer responded to an advertisement on a prostitution website that offered a woman for sexual acts. The ad suggested that the woman being sold was new to prostitution, potentially a victim of sex trafficking, and young—possibly even underage.
The person responding to the officer’s message arranged to have the woman meet the officer in a hotel, with the condition that she would be accompanied by a man who was acting as her pimp. When they arrived at the hotel, police quickly established that the woman was a girl - just 16 years old. The girl later told police that the man who accompanied her received money for bringing her to various hotels and other locations to have sex with strangers. Police arrested the male suspect and seized his cell phone.
The day after his arrest, the suspect was overheard speaking to a female acquaintance on a jail telephone. He expressed concern that the police would access the contents of his cell phone and discover evidence of serious criminal conduct. He said candidly, “If they get in my phone, I’m doing time . . . . If they get in my phone, I’m doing time for other [stuff].”
Law enforcement quickly used this evidence to seek a search warrant to access the contents of the suspect’s cell phone to investigate and obtain evidence of criminal conduct. A federal judge agreed that there was probable cause to search the phone and issued the warrant.
Law enforcement expected the phone to contain names of other sex trafficking victims, contact information for additional sexual predators, and evidence of other criminal activity alluded to by the suspect. But law enforcement wasn’t able to access any of that information because the suspect’s cell phone was encrypted.
Despite a lawfully issued warrant, law enforcement was unable to bypass the encryption on the phone and access its content. In fact, the cell phone manufacturer’s default encryption ensures that no one, other than the suspected sex trafficker himself, would be able to unlock it. To this day, law enforcement has been unable to access the encrypted phone and may never get the evidence needed to prosecute the suspect for his most serious offenses, identify other potential sex offenders who purchase sex with children or trafficked persons, or save other potential victims.
On October 4, 2019, the Department hosted a summit entitled Lawless Spaces: Warrant-Proof Encryption and Its Impact on Child Exploitation Cases. The Summit explored the impact of warrant-proof encryption on investigations and prosecutions. It featured speeches by senior Department officials and distinguished guests and panel discussions and presentations from non-governmental organizations, state and local law enforcement, and international partners.
Speeches from the Summit are below:
- Attorney General William P. Barr, Keynote Address
- Deputy Attorney General Jeffrey A. Rosen, Remarks
- FBI Director Christopher Wray, Finding a Way Forward on Lawful Access: Bringing Child Predators out of the Shadows
For more information about the Lawful Access summit or to view the agenda or archived video of the event, please visit the Lawless Spaces: Warrant-Proof Encryption and Its Impact on Child Exploitation Cases page
The Department has long been concerned about the lawful access issue. A selection of previous statements are listed below.
- Attorney General William P. Barr, Keynote Address at the International Conference on Cyber Security (July 2019)
- FBI Director Christopher Wray, “The Way Forward: Working Together to Tackle Cybercrime,” International Conference on Cyber Security (July 2019)
- Report of the Attorney General’s Cyber-Digital Task Force (July 2018) (see pages 116-118)
- [Former] Deputy Attorney General Rod J. Rosenstein, Remarks on Encryption at the United States Naval Academy (Oct. 2017)
- [Former] Deputy Attorney General Rod J. Rosenstein, Remarks at the Global Cyber Security Summit (Oct. 2017)
- Pittsburgh Post-Gazette Op-Ed: Facebook encryption could endanger victims
- Salisbury Post Op-Ed: Tech companies have ability to save children
- Houston Chronicle Op-Ed: Encryption lets sexual predators escape the law
- Cleveland.com Op-Ed: Child predators must not be able to hide behind warrant-proof encryption
- Peoria Journal Star Op-Ed: Warrant-proof encryption threatens public safety
- Herald-Dispatch Op-Ed: Warrant-proof encryption threatens children
- Dallas Morning News Op-Ed: Legislators must not allow warrant-proof encryption to make America more dangerous
- The Chattanoogan Op-Ed: Why Ensuring Lawful Access Is Necessary
On October 3, 2019, the Department published an open letter to Facebook from international law enforcement partners from the United States, United Kingdom, and Australia in response to the company’s publicly announced plans to implement end-to-end-encryption across its messaging services.
The letter is signed by Attorney General William P. Barr, United Kingdom Home Secretary Priti Patel, Australia’s Minister for Home Affairs Peter Dutton, and Acting Homeland Security Secretary Kevin McAleenan.
To read the Department’s statement or to link to the letter, please visit the Office of Public Affairs page
Encryption is an essential tool that helps protect data, communications, devices, and infrastructure from cyber threats and contributes to user privacy. But the rapidly growing use of warrant-proof encryption in everyday devices and software means that criminals—including drug dealers, child predators, and terrorists—use encryption to shield their illicit activities from authorities.
Encryption is a means of concealing data (including text, images, or video) from anyone who is not the intended recipient. It translates the data into a format that is unintelligible until it is retranslated back into its original form through use of a decoding mechanism. While forms of encryption have been used for many years, encrypted information today can be impossible (or nearly impossible) to decode even using sophisticated technology.
The U.S. legal system permits law enforcement officials to obtain access to evidence in private locations by convincing an independent judge to issue a search warrant or a wiretap order. To obtain such access, the government must provide evidence to a court that there is probable cause to believe that evidence of a crime will be found in the location to be searched. The judge will then assess the individual’s privacy interests and determine whether there is sufficient probable cause to justify the search. However, this system is thwarted by warrant-proof encryption.
Law enforcement regularly encounters encryption in two ways: (1) default encryption for data stored on devices (“data at rest”); and (2) real-time communications in transit over a network (“data in motion”), where decryption capability is limited to the end user (“end-to-end encryption”). End-to-end encryption leaves the service provider unable to produce readable content in response to wiretap orders and search warrants, thus making the content “warrant-proof.” In other words, the targets of the investigation control whether or not their communications are subject to lawful surveillance.
The use of widespread and increasingly sophisticated encryption technologies significantly impairs, or entirely prevents, many serious criminal and national security investigations, including those involving violent crime, drug trafficking, child exploitation, cybercrime, and domestic and international terrorism.
Online Child Exploitation and COVID-19
As explored during the Department’s Lawful Access summit highlighted above, warrant-proof encryption is of particular concern in child exploitation cases. This concern is heightened by the COVID-19 pandemic. Due to school closings and stay-at-home orders, children’s increased online presence may put them at greater risk of encountering online child predators. These criminals often rely on anonymity and technology like end-to-end encryption to hide their nefarious activity and evade detection by law enforcement.
The Department of Justice has created a tip sheet to help parents, guardians, caregivers, and teachers protect children from becoming victims of online child predators: Keeping Children Safe Online During COVID-19.
Additionally, Assistant Attorney General Beth Williams recently published an op-ed about the increased risk to children during COVID-19. AAG Williams noted that we “should be particularly mindful about children’s use of apps and platforms that feature end-to-end encryption, direct messaging, video chats, file uploads, and user anonymity, which are often relied upon by predators to contact children and evade law enforcement.” And she stressed that “the fight to protect our children can only be won if everyone – including the government, industry, and private citizens – remains vigilant.”
For more information about the Department’s response to COVID-19, please visit justice.gov/coronavirus.
On October 28, 2020, AAG Williams and Associate Deputy Attorney General Stacie Harris participated in a virtual panel discussion hosted by Columbia Law School on Combating the Online Exploitation of Children. The panel also featured a commander from the Internet Crimes Against Children Task Force Program, a reporter from the Boston Globe who has written about child-exploitation issues, and a survivor of child exploitation and abuse. The event focused on the role of technology, law, journalism, and public policy in protecting children in the virtual world, and included a discussion on the impacts of warrant-proof encryption and COVID-19 on the ongoing crisis of online exploitation. A video of the event can be viewed at the following link: Combating the Online Exploitation of Children.