After backing down in the most recent encryption debate, law enforcement officials still seem to be coming up with novel ideas about how to keep encryption out of our and criminal hands. The latest bright idea proposes that app gatekeepers Google and Apple could apply some censorship to their stores to prevent users from accessing encryption apps.
The suggestion came from Thomas Galati, the chief of intelligence at the New York Police Department, while responding to a question from Congressman Morgan Griffith (R-VA). The topic of discussion was around if it would be possible for the US government to impose restrictions on apps that provide encryption services or end-to-end encryption which are located outside of the country. In other words, how could/should the government force foreign app companies to comply with any future encryption laws in the US.
“Certain apps are not available on all devices. So if the companies that are outside the United States can’t comply with same rules and regulations of the ones that are in the United States, then they shouldn’t be available on the app stores, ”– Thomas Galati, New York Police Department
According to a recent survey, many encryption products don’t originate from the US, making legal administration rather complicated. Galati wasn’t the only law enforcement official to have spotted this trend, with others also suggesting to use app stores as a potential fix.
“Right now Google and Apple act as the gatekeepers for most of those encrypted apps, meaning if the app is not available on the App Store for an iOS device, if the app is not available on Google Play for an Android device, a customer of the United States cannot install it,” – Charles Cohen, Indiana State Police
As you probably expected, those within the technology industry were quick to respond to the suggestions rather negatively. Responses pointed out implications ranging from essentially turning Apple and Google into bodies of censorship, to completely undermining the open model behind the entire Android ecosystem.
Of course, this suggestion does little to address obvious and easily achievable work arounds, such as side-loading applications, rooting, or jailbreaking. Such a move would clearly have major knock-on effects for popular messaging services, such as WhatsApp, that have recently implemented encryption too. Finally, it’s more than likely that those looking to use encryption for nefarious purposes would simply switch to a different operating system or methods of communication. To me, it doesn’t seem like a very well thought-out solution.
Do you think that law enforcement is onto something with this idea?