As more criminals use encryption to avoid the law, the FBI teams up with an unexpected partner
Written by ABC Audio All Rights Reserved on September 16, 2024
(BERKELEY, Calif.) — Two weeks ago, as college students returned to campus at the University of California, Berkeley, some of the most senior officials in the FBI were huddling inside a nondescript conference room beneath the stands of the school’s football stadium.
“Here’s where the rubber meets the road,” one of the FBI officials told the group of law enforcement officials, academics, tech developers, venture capitalists, and crime victims.
The problem they’re trying to solve, according to officials, is that the FBI is losing its ability to fight some of the greatest threats facing Americans, because phones and other electronic devices are increasingly being designed with no way for authorities to access their contents when the law authorizes them to collect evidence regarding suspected crimes — including those committed by radical terrorists, fentanyl dealers and online child predators.
It’s hardly a new problem.
“[It’s] the same conversation we had yesterday, five years ago, and 10 years ago, and 15 years ago, and now 20 years ago,” a professor told the group. “There’s something depressing about that. … We keep making the same goddamn mistakes over and over again.”
That’s why the FBI has taken the unusual step of turning to an academic institution for help. And not just any academic institution, but Berkeley — considered to be the birthplace of the Free Speech and student protest movements of the 1960s.
“To their credit, they were willing to think outside the box,” former U.S. Secretary of Homeland Security Janet Napolitano, who now runs a center at Berkeley focused on security, said of the FBI.
‘A historic milestone’
A generation ago, such a partnership would have seemed unthinkable. In the 1950s and ’60s, in the midst of the Cold War, the FBI reportedly targeted a wide swath of Berkeley professors and students with surveillance and other secret tactics, convinced that radical Communists were among them.
Now, however, the FBI is battling a very different set of threats — and a new generation of advanced technologies.
Last year, the FBI signed an agreement with Napolitano’s center, the Center for Security in Politics, vowing to exchange resources and technology related expertise in a shared effort to support the FBI’s mission.
In a press release at the time, Napolitano touted the arrangement as “the first collaboration of its kind” and “a historic milestone for both institutions.”
The meeting two weeks ago was one of the first in-person gatherings to come out of the agreement.
The gathering involved three sessions spread over two days, and ABC News was allowed to observe the closing session on the condition that it not name any of the speakers.
One FBI official framed the final session by noting that while the FBI brings “enormous resources to bear” in significant or high-profile cases, “we don’t have the people, we don’t have the financial resources to do that” in the many thousands of other cases the FBI pursues each day.
“[That] is why we need to work with our private sector partners to have a lawful-access solution for our garden-variety cases,” the FBI official said during the session.
Instead of trying to address the many types of threats investigated by the FBI, the summit focused on just one: finding ways to stop child exploitation and the spread of sexual abuse material online.
“I think there’s a universal recognition that that stuff is bad, and we need to figure out a way to better deal with it,” Napolitano told ABC News.
‘A really egregious trend’
More children than ever are being exploited online, as predators use newer technologies like live-streaming apps, online video games and advanced messaging platforms to solicit sexual material from them, according to Abbigail Beccaccio, who heads the FBI’s section focused on violent crimes against children.
Beccaccio told ABC News there’s been a significant shift in these cases as they’ve exploded in number.
While the FBI had long seen cases of “traditional sextortion,” when predators with a sexual interest in young girls trick them into sharing explicit images of themselves, the FBI has in recent years seen a “huge uptick” in so-called “financially motivated sextortion” targeting boys, Beccaccio said.
In such cases, the victims are tricked into sharing sexually explicit images of themselves — but “that’s where the scheme turns,” said Beccaccio. Armed with the compromising material, the perpetrator then threatens the victim with claims of, “If you don’t send me money, I will ruin your life, I will send this to all your friends and family,” Beccaccio said.
In less than 18 months, from October 2021 to March 2023, the FBI counted more than 12,600 victims of such schemes — a “huge” and “shocking number,” as Beccaccio put it.
She said she knows of cases where children even dipped into their college savings accounts to pay the criminals who targeted them. But worst of all, she said, “We began to see a really egregious trend in suicides.”
Beccaccio said that helps illustrate why she and her FBI colleagues are so adamant that law enforcement needs some way to access criminals’ devices when a judge authorizes it.
“Without lawful access, we lose the ability to obtain the information we need to prosecute the offenders and rescue these child victims,” she warned.
The public, she said, should find that “troubling.”
‘A very dark place’
A decade ago, as highly-encrypted phone apps became commonplace, the FBI tried to engage the public in a national conversation about the future of lawful access. Then-FBI director James Comey warned that “going dark” by losing lawful access to personal data would lead to law enforcement agencies “missing out” on chances to stop “some very dangerous people.”
“Criminals and terrorists would like nothing more than for us to miss out,” he warned during an October 2014 speech in Washington, D.C. “Encryption threatens to lead all of us to a very dark place.”
The issue came to a head a year later, when for several months the FBI was unable to unlock an Apple iPhone left behind by one of ISIS-inspired terrorists who killed 14 people and injured nearly two dozen others during an attack in San Bernardino, California, in December 2015.
There were congressional hearings held on the issue, and the FBI even took the matter to federal court, seeking to force Apple to find a way for authorities to access the phone’s content. The case became moot after an Israeli security company found a way to unlock the perpetrator’s phone.
“It’s so seductive to talk about privacy as the ultimate value,” Comey told a House panel in March 2016. “[But] in a society where we aspire to be safe and have our families safe and our children safe, that can’t be. We have to find a way to accommodate both.”
But the FBI’s public campaign over lawful access appeared to lose steam after FBI leadership become engulfed in a controversy surrounding the 2016 presidential election and Comey was fired as the agency’s director in May 2017.
Now — more than seven years later — the FBI is trying to spark the conversation again.
Katie Noyes, the head of the FBI’s next-generation technology section, said that in a survey of the FBI’s field offices last year, the bureau identified nearly 17,000 active cases that were either stalled or missing key evidence due to “warrant-proof encryption.”
Just two months ago, as the FBI struggled to determine why a 20-year-old Pennsylvania man tried to assassinate former President Donald Trump at a campaign rally, Abbate, the deputy director, told lawmakers that the shooter had used encrypted applications and that, more than two weeks after the shooting, the FBI was still unable “to get information back because of their encrypted nature.”
“We need a solution that provides lawful access to law enforcement,” Abbate implored lawmakers during a Senate hearing on the assassination attempt.
So the FBI is turning to Napolitano and her team at Berkeley for help.
‘Waiting for the market’
The summit at Berkeley was led by Napolitano’s team and an array of FBI officials, including deputy director Abbate; Jeff Fields, the head of counterintelligence at the FBI’s San Francisco field office; and members of the agency’s technology units.
Victims of online sexual exploitation, including a woman whose likeness appeared in a “deepfake” video that went viral, also shared their stories and perspectives.
“What was really wonderful about this convening was having really disparate points of view around the same table,” Noyes told ABC News, adding that some of the tech companies and venture capitalists there said they had never heard directly from victims before.
The group got into an impassioned debate over whether tech companies, especially global giants such as Apple and Meta — neither of whom participated in the summit — would ever voluntarily redesign their devices and platforms to ensure that law enforcement could access them with a court order.
One law enforcement official noted that the FBI spoke with the companies a decade ago, but they had little interest in having a conversation about changing their ways.
“Waiting for the market here is not going to get it done,” said another law enforcement official, insisting that the only thing that will bring change is Congress passing a new law.
Others rejected that view, saying that the point of holding the summit is to potentially find other ways to address the problem.
“There hasn’t been much movement at all, but on the other hand the technology has changed,” Napolitano told ABC News after the summit. “And so there may be better and more available ways for government — meaning law enforcement — to get around some of the traditional barriers to lawful access, and those were part of the discussions today.”
‘What’s next?’
Noyes emphasized that she and her colleagues at the FBI are “big fans of encryptions” for personal security and privacy — and that the FBI is not trying to expand or change what it’s legally allowed to do.
As she described it, the FBI just wants ensure that law enforcement maintains the type of access that it has long used to bring criminals to justice.
“There’s no discussion around a request for any additional authority,” she said. “In many cases we have had this access, and it has been removed or taken away over time” due to newer technology.
According to Noyes, the summit produced a number of ideas and proposed approaches.
Some participants suggested that an independent third party could hold a technology company’s access keys in “escrow,” so those keys would not be in the hands of law enforcement but could be used under court order.
There was also discussion about “homomorphic encryption,” a type of encryption that can keep data encrypted even as that data is processed or even shared.
Napolitano said the summit two weeks ago was just the beginning.
“The challenge for us is, ‘OK, now we’ve had these discussions, what’s next?'” she said.
NOTE: If your child is the victim of a predator or you know someone who is a victim, you can always call 1-800-CALL-FBI or submit information online at tips.fbi.gov.
Copyright © 2024, ABC Audio. All rights reserved.