Law enforcement officials cannot legally open encrypted documents when investigating a computer's contents obtained during a legal search. If the U.S. Justice Department gets its way, however, investigators will soon have the authority to hack until their hearts are content.
The law doesn't allow investigators to fully crack password protections or open encrypted documents. The Cyberspace Electronic Security Act (CESA), a proposed by the Department of Justice before the Office of Management and Budget (OMB), would change that.
"Essentially, Justice is not looking for any more authority than it already has in obtaining evidence," a Clinton administration official said. "The agency is looking to update its authority so that it is appropriate for the current level of technology. … What Justice is looking for is the authority to get plain text, photos, or whatever, so they're looking for the encryption key."
Procedure calls for the OMB to circulate the proposals to other agencies, such as the Commerce Department and Treasury Department, for comment. The OMB can then issue an administration proposal and could send the act to legislators or have the Justice Department do so.
The Justice Department's main argument in pushing for the act is a case in which a suspected group of terrorists is under surveillance, but its encrypted documents are not accessible to investigators.
"If we don't have the key to decode the encryption, Justice may be missing out on time," the official said. "These documents may spell out when, where, and how."
Privacy experts aren't exactly thrilled. "This is the scariest proposal we've seen come out of the government in a long time," said David Sobel, general counsel for the Electronic Privacy Information Center. "We see this as a major expansion of the most intrusive investigative techniques used by law enforcement, which is the surreptitious entry to private premises."