2 International Data Privacy Law 200 (2012)
13 Pages Posted: 12 Apr 2012 Last revised: 10 Jun 2017
Date Written: April 12, 2012
This paper explains how changing technology, especially the rising adoption of encryption, is shifting law enforcement and national security lawful access to far greater emphasis on stored records, notably records stored in the cloud. The major and growing reliance on surveillance access to stored records results from the following changes:
(1) Encryption. Adoption of strong encryption is becoming much more common for data and voice communications, via virtual private networks, encrypted webmail, SSL web sessions, and encrypted Voice over IP voice communications.
(2) Declining effectiveness of traditional wiretaps. Traditional wiretap techniques at the ISP or local telephone network increasingly encounter these encrypted communications, blocking the effectiveness of the traditional techniques.
(3) New importance of the cloud. Government access to communications thus increasingly relies on a new and limited set of methods, notably featuring access to stored records in the cloud.
(4) The “haves” and “have-nots.” The first three changes create a new division between the “haves” and “have-nots” when it comes to government access to communications. The “have-nots” become increasingly dependent, for access to communications, on cooperation from the “have” jurisdictions.
Part 1 of the paper describes the changing technology of wiretaps and government access. Part 2 documents the growing adoption of strong encryption in a wide and growing range of settings of interest to government agencies. Part 3 explains how these technological trends create a major shift from real-time intercepts to stored records, especially in the cloud.
Keywords: encryption, privacy, lawful access, cloud computing, wiretaps
Suggested Citation: Suggested Citation
Swire, Peter, From Real-Time Intercepts to Stored Records: Why Encryption Drives the Government to Seek Access to the Cloud (April 12, 2012). 2 International Data Privacy Law 200 (2012); Ohio State Public Law Working Paper No. 175. Available at SSRN: https://ssrn.com/abstract=2038871 or http://dx.doi.org/10.2139/ssrn.2038871
By Henrik Lando
By Henrik Lando