Law Enforcement Requirements
for Trust and Confidence
[Seal of the FBI]
A Law enforcement
perspective:
• Law enforcement’s need for trust and confidence
• Impact of security products and infrastructures
• Overview of proposed CESA legislation
What if ?
• You didn’t recognize critical evidence
• You couldn’t use any documents
• You couldn’t use any records
• You accidentally destroyed your evidence
• The bad guy organized your case for you
How do we get this evidence?
• Given to us
– victims provide
• Search for it
• Capture it
– data intercepts
Examination of evidence
• Reliability of evidence
• Adherence to accepted protocols and practices (standard)
• Use of proven / accepted software
• Ability to testify as to methods and results
Computer evidence in court
• Paper vs electronic
• Testimony must establish reliability
• examiner testifies to evidence collection techniques
• investigator testifies to what was learned by the evidence
• Weight of evidence decided by jury
• Qualifications of expert are important
How security products and infrastructures help
us
• Authentication
• Information integrity
• Non- repudiation
• Confidentiality (Privacy)
• Data Recovery
The White House Press Statement, Sept. 16,
1999
• “.. the same encryption products that help facilitate confidential
communications between law- abiding citizens also pose a significant and
undeniable public safety risk when used to facilitate and mask illegal and
criminal activity”
Impact of Encryption on Electronic
Surveillance
• Electronic surveillance is an extremely important investigative tool
• The nation’s telecommunication networks are routinely used in
the commission of serious criminal activities
• The ability to conduct court authorized intercepts and comprehend
these criminally related communications in a real time fashion is of tremendous
and fundamental importance
• Communications protected by strong encryption will seriously impair
the use of this important investigative tool
Impact of Encryption on Search and Seizures
• Search and seizure of evidence is critical to all investigations
• Law enforcement is increasingly dependent upon search and seizures
of electronically stored information
• There are no alternatives to search and seizures for obtaining
prosecutorial evidence
• The use of encryption can effectively prevent access to this critical
evidence
Impact of Encryption on Search and Seizures
(cont.)
• The widespread use of computer and computer networks has dramatically
increased the volume of computer evidence
• The FBI routinely encounters computers in criminal cases involving
– Health care fraud
– Child pornography
– Terrorism
– Drugs
– Financial institution fraud
• During the execution of search warrants, law enforcement routinely
seize personal computers and associated digitally stored media
The White House Press Statement Sept. 16,
1999
• “This requires an approach that properly balances the critical
privacy interests with the need to preserve public safety.”
• “… the CESA provides such a balance by simultaneously creating
significant new privacy protections for lawful users of encryption, while
assisting law enforcement’s efforts to preserve existing and
constitutionally supported means of responding to criminal activity.”
Cyberspace and Electronic Security Act
(CESA)
• Protect the privacy of encryption users and support recoverable encryption
• Protect the confidentiality of investigative techniques associated
with access to plaintext and industry trade secrets
• Authorizes funding for the Technical Support Center within the FBI
CESA-Privacy Protections
• Provides significant privacy protections for users of encryption by
– Limiting the USE and DISCLOSURE of keys obtained through court processes
– Requires the DESTRUCTION of such keys
– Requires notice be provided, with permissible delay, to persons whose
keys are obtained through court processes
CESA-Support Recoverable Encryption
• Provides other protections for the users of recovery agents by –
– Limiting disclosure of keys by recovery agents
– Limiting access to keys from recovery agents
– Limiting disclosure of customer’s identity by a key recover agent
• CESA does not require the use of recovery agents, or otherwise
regulate recovery agents
CESA-Confidentiality Protections
• Limits government disclosure of industry “trade secrets”
in this area
• Ensures that information obtained by the government, such as through
a court order, can be strongly protected to prevent harm to industry
CESA-Confidentiality Protections
• Permits judges to protect investigative techniques (used to obtain
plaintext) from disclosure in civil or criminal cases
– Allows use of special evidentiary procedures
– Must be consistent with the Constitution
• Necessary because disclosure of such techniques means they will
be useless in the near future
CESA-Technical Support Center
• Authorizes $80 million for fiscal years 2000-2003 for a Technical
Support Center within the FBI
• The TSC will serve as a centralized resource for federal, state and
local law enforcement in responding to the use of encryption by criminals
CESA-Other Provisions
• Sentencing enhancement recommendation regarding the use of encryption
in furtherance of criminal activity
• Agency head authority to preclude advertising the procurement
solicitations regarding plaintext access goods and services
• Authorizes personnel exchange programs with industry
• Provides liability protection for those who support public safety,
such as through compliance with a court order
CESA-What it does not do!
• Does not provide new authority for search warrants for encryption
keys without contemporaneous notice to the subject
• Does not regulate the domestic development, use or sale of encryption
• Does not affect intelligence activity or classified information (it
does not alter FISA or CIPA)
Final Thought
• “We must have a balanced policy that reflects the needs of privacy,
electronic commerce, national security and public safety.”
– Jim Robinson, Assistant Attorney General
|