Yottabytes: Storage and Disaster Recovery

Sep 8 2019   9:11PM GMT

Government Wants User Download Data from Apple, Google

Sharon Fisher Sharon Fisher Profile: Sharon Fisher

Tags:
Encryption
government
privacy
Security

We’ve written more than once about government efforts – in the name of fighting crime, of course – to track down everyone in a particular area where the crime was committed. But there’s a new wrinkle.

The Department of Justice and the Immigration and Customs Enforcement Department are now working to obtain a court order to force Apple and Google to give it the names, as well as phone numbers and IP addresses, of everyone who’s downloaded a particular application since August, 2017, plus whenever they’ve used it. The application in question is called Obsidian 4 and is put out by night-vision specialist American Technologies Network Corp. (ATN). Its purpose is to let gun owners get a live stream, take video and calibrate their gun scope from an Android or iPhone device,  according to Thomas Brewster in Forbes, who broke the story.

While other governments have made similar requests in the past – Brewster describes one non-U.S. government that asked one global technology company for the names and addresses of 58 million users of a single app so it could trace a suspected terrorist cell plotting a suicide bomb attack – this is the first time the U.S. government has tried this, he writes.

The issue is illegal exports of ATN’s scope, which is controlled under the International Traffic in Arms Regulation (ITAR), though the company itself isn’t under investigation, Brewster writes.

Likely this would be considered a “third party” request because the government isn’t requesting the information from the users themselves, but from third parties to which the users had given their information. In the Carpenter case, the Supreme Court ruled that such requests about individuals required a warrant.

However, the Supreme Court also ruled that “tower dumps” – in other words, a download of information on all the devices that connected to a particular cell site during a particular interval — are okay. Or, at least, when ruling on Carpenter, they didn’t rule that they weren’t okay. It could be that the court will see these as similar situations, or will at least allow the Department of Justice access to some of the information, with the ability to issue a warrant to get the remaining data for any individual who looks particularly suspicious.

Needless to say, conservative websites are having kittens about this, because they see it as a back door to track down gun owners.

“Allowing this request to go through would create dangerous precedents,” writes Beth Baumann is Townhall, which describes itself as the leading source for conservative news and political commentary and analysis. “The most dangerous aspect though is the government being able to pinpoint every single person and every single firearm a person has. It’s a form of a gun registry…without calling it that.”

According to American Military News, ATN wasn’t contacted about the court order, and intends to protect its customer data to the extent it is allowable under law.

If the idea is actually to track down overseas users of the application, the government should do that, writes Jazz Shaw for HotAir, a sister publication of Townhall. “Why ask for the data for all users?” he writes. “Surely Google and Apple could provide the user data for just those users outside the United States, right? Why not just ask for that if there are no issues with people using the scopes or the app in America? Seems like a reasonable compromise that both the government and the tech giants could see eye to eye on.”

But the problem with this request is actually broader than that. Keep in mind that, at various times, the government has made certain computer things illegal, ranging from public-key encryption to online gambling. What would it be like if the government could then track down everyone who had downloaded such applications and bust them for owning them?

For example, if the FBI succeeds in outlawing encryption, will the government be able to track down everyone who’s ever downloaded WhatsApp, even if they don’t realize it uses encryption and didn’t download it for that purpose? Or, in a hypothetical oppressive U.S. government that outlawed social media or the use of the Internet altogether, what if the government could get the names and contact information for everyone who ever downloaded Twitter or a TCP/IP stack?

A security analyst quoted by Brewster also notes that people don’t necessarily download an app to use it, but could be checking it for security vulnerabilities and other uses. People could also be less willing to use Google and Apple app stores in response to this, the analyst added.

Another concerning aspect is that the court order was supposed to have been sealed, and Forbes apparently managed to get a copy of it beforehand. One would assume future court orders won’t make that mistake, and people won’t even be able to find out about them.

Presumably the various civil liberties organizations, not to mention Google and Apple themselves, are lawyering up to stop this. Because the precedent, if this passes, is pretty scary.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: