After weeks of speculation, President-elect Donald Trump today named Senator Jeff Sessions (R-AL) as his choice for attorney general. The choice has already alarmed Trump critics for a number of reasons — particularly his role in drafting Trump’s proposal to temporarily ban muslim immigration — but for tech companies, there may be another concern entirely. Less than a year after prosecutors took Apple to court over an iPhone linked to the San Bernardino shootings, a Sessions-led Justice Department could be exactly what law enforcement needs to restart the encryption fight.
Sessions has to be confirmed by the Senate before he can officially take the post, but observers say it’s unlikely Democrats can effectively block the nomination.
A former prosecutor, Sessions was one of the FBI’s staunchest allies during the San Bernardino case, and has long criticized companies that design products without mechanisms for government access. As head of the Justice Department, Sessions would have the power to prosecute companies that don’t cooperate with law enforcement demands under the All Writs Act, the same mechanism used against Apple earlier this year.
“We need to be prepared for a full frontal assault on the right to encrypt in 2017.”
"Coming from a law enforcement background, I believe this is a more serious issue than Tim Cook understands," Sessions said in a Congressional hearing in February. "In a criminal case, or could be a life and death terrorist case, accessing a phone means the case is over. Time and time again, that kind of information results in an immediate guilty plea, case over."
During the case, Apple refused to comply with the government’s demand to code and install a security-breaking version of iOS, which would have given the government access to the data stored on the San Bernardino iPhone. “We need to decide, as a nation, how much power the government should have over our data and our privacy," Tim Cook said, in defense of the company’s decision. Ultimately, the government withdrew its demand, accessing the phone through a still-undisclosed method provided by a third party.
Still, Apple’s decision drew significant criticism at the time, including from Donald Trump, who called for a boycott of Apple products until the company complied with FBI demands.
Some are also worried about new action on the legislative front. Open Technology Institute director Kevin Bankston says he believes the new administration could lead to a revival of the Burr-Feinstein encryption bill introduced earlier this year, which would have mandated less secure products in order to ensure law enforcement access.
“We need to be prepared for a full frontal assault on the right to encrypt in 2017,” says Bankston. “It's time for folks who care about cybersecurity, privacy, innovation and the tech economy to start digging trenches.”
The encryption debate has attracted less attention in the aftermath of the case, but it’s still a live issue for many in law enforcement. The Manhattan District Attorney currently has possession of 423 iPhones implicated in crimes that cannot be decrypted because of iOS security protections, and such phones are frequently seized at a federal level as well. Earlier this month, an iPhone 6 was seized in a drug smuggling case and submitted to a forensic lab for analysis — although the iOS encryption measures would likely make the phone unreadable without some previously undisclosed investigation technique.
WhatsApp is also rumored to have been a target of a number of wiretap orders. The service’s end-to-end encryption prevents it from complying with those orders in many cases, a conflict that has led to court-ordered blackouts of the service in Brazil. Thus far, the US government has not brought a case seeking to compel WhatsApp to comply with the wiretap orders, as prosecutors did in the San Bernardino case, but that decision is entirely at the discretion of the attorney general and his subordinates.
Update 1:59PM ET: Updated with comment from OTI’s Kevin Bankston.