One of my rather right-wing correspondents sent me a note this morning with materials making the rounds of right-wing Internet sites about a new surveillance-oriented FBI smartphone app solicitation.
While most of the stuff on those sites is total hogwash, this particular solicitation actually does exist — dated 29 July 2016 — and is worthy of some analysis.
The solicitation itself:
Smartphone-Based Audio Recorder
Solicitation Number: DJF-16-1200-N-0007
Agency: Department of Justice
Office: Federal Bureau of Investigation
Location: Procurement Section
And the quite interesting draft technical requirements are available for download.
The background description includes capabilities such as:
– Running on Android, iOS, or Windows
– Overt (e.g. interview) and stealth/remote control surveillance modes
– Not requiring jailbreaking for installation
– Storing and streaming of audio, plus GPS, and eventually video
– Cryptographic hash for data integrity and chain of custody control
– Encryption of data on phone not required
– And more
So what’s really going on here?
Right-wing sites are spinning this as “the government is going to turn all our smartphones into bugs!” That clearly is not the goal here.
First, we know that there are already a large number apps available for these phones that provide many of the capabilities asked for in this solicitation. We can be sure that governments are already using these off-the-shelf apps for surveillance purposes.
But the solicitation technical requirements reveal the government’s main “problems” in this regard: authentication and chain of custody.
When the government goes to court currently with such recordings, they often have to provide testimony vouching for the veracity of the recordings, and provide technical details in open court that they’d prefer not to discuss. As the solicitation itself notes: “In fact, the Government works diligently to limit and control who has access to these details as they could be used against us.”
Here’s what I think this all boils down to:
The government wants to replace their current rather ad hoc recording/surveillance apps with a system that would include integral verification that the recorded and/or streamed audio/video/gps data had not been edited or tampered with in any way.
This would have obvious benefits for the government, as in making presentation of such evidence in court potentially much more streamlined, but could also benefit innocent defendants who would be less likely to face evidence that had been unscrupulously altered in the government’s favor.
It does seem odd that encryption of data on the phone is not a requirement, since this suggests that the data could be exposed “in the clear” if the phone fell into unauthorized hands — even if we assume that https: crypto is used for actual data streaming out from the phone.
Perhaps the bottom line question here isn’t whether the government is planning mass deployment of smartphone control and surveillance systems as the right-wing Internet sites appear to fear — that’s clearly false.
But a completely valid question for consideration is whether such a “new and improved” recording/surveillance app would encourage its use in targeted situations where surveillance wouldn’t have been considered (or accepted by courts) in the absence of such an app, and to what extent that could encourage actual overreach and potential abuse by the FBI and other government agencies in specific cases.
I have consulted to Google, but I am not currently doing so — my opinions expressed here are mine alone.
– – –
The correct term is “Internet” NOT “internet” — please don’t
fall into the trap of using the latter. It’s just plain wrong!