So a couple of days ago I was explaining why Orin Kerr was wrong about Apple’s new policy of rendering themselves unable to encrypt customers’ iPhones, and in passing I linked with some disdain to a piece by former FBI Assistant Director Ronald T. Hosko, who was claiming, of course, that the new policy would help the bad guys.
Yesterday, however, Hosko did something that none of the anti-privacy alarmists at the NSA have ever been able to do: He gave an actual example of someone who would have been harmed by Apple’s policy. He did this in a post for the Washington Post‘s blog PostEverything titled something like “I helped save a kidnapped man from getting killed. With apple’s new encryption rules, we never would have found him.”
It was a dramatic way to make his point. It’s one thing for people like me to go on about abstract concepts like privacy rights, but I don’t have the burden of helping save the life of actual kidnap victims. In the face of Hosko’s story, the privacy argument becomes a lot harder to make. I suppose if I wrote a full response to Hosko’s piece, I would have to reiterate the dangers of a brittle security system, I would talk about the horrors of living in an all-seeing totalitarian police state, and I would point out that law enforcement officers are not free of trustworthiness issues.
The trustworthiness problem is especially relevant. You may notice I didn’t give you a link to Hoska’s article. That’s because in the time since it was originally posted, the title has been changed to “Apple and Google’s new encryption rules would make law enforcement’s job much harder,” and this note has been added at the bottom:
Editor’s note: This story incorrectly stated that Apple and Google’s new encryption rules would have hindered law enforcement’s ability to rescue the kidnap victim in Wake Forest, N.C. This is not the case. The piece has been corrected.
As near as I can tell from the rewrite, Hosko was a little confused, and it turns out the FBI got all the information they needed from the carrier, not the phone itself.
So, maybe I’ll write that longer response some day. But for now, I think I’ll just take this as an illustration of why I’m not really ready to trust these people when they say they need access to my personal data.