“Our telecommunications networks were not wired for privacy. They were not designed for digital security.”
When the telecommunications industry began to shift away from analog phones in the 1990s and telephone companies started building the networks to accommodate them, they didn’t have privacy in mind. In fact, these networks were built with the intent of giving law enforcement and the intelligence community the ability to access any communication at any time, said Soghoian.
As anyone with a cell phone can attest, Silicon Valley companies have disrupted the business models of traditional telecommunications companies. (The text message is a good example: What once cost customers 20 to 30 cents per text — a huge source of revenue for phone companies — became free when Apple rolled out iMessage in 2012, no user opt-in required. Soon after, other companies developed free alternatives to text messaging, such as WhatsApp, Viber and Facebook Messenger.)
Granting government access to telecommunication networks, however, persists for many providers, including Silicon Valley disruptors. The exception is Apple. The result is what Soghoian describes as two-tiered consumer privacy: full protection from government prying for those people who can afford Apple products — and something less for everybody else.
Last year, Apple CEO Tim Cook announced that his company would now be in the business of protecting customers’ digital privacy and provide “end to end” encryption on iPhones: Devices running the most recent versions of iOS can no longer be unlocked by the company even if it were faced with a warrant from authorities. Only these phones’ users have access to data on their Apple device.
“Apple’s customers got security without having to do any work, without having to think about security, without having to research anything, without having to go into any configuration options, which none of us ever do. Apple’s customers got security for free,” he said.
This end-to-end encryption, which is turned on in Apple’s devices by default, is a major step in the right direction. But it’s not enough, Soghoian said.
The other major mobile device OS, Google’s Android, is a different beast. Google doesn’t manufacture its smartphones — OEMs do. And they are not as keen on keeping up with the speed of encryption technology. If you walk into a store today and buy an Android phone, it’s unlikely to have data encryption turned on by default.
That’s why Android smartphone manufacturers have been able to keep its prices so low, at $50 to $100 a pop. Apple’s devices are sold for about $600 or $700 each, on average.
The resulting “digital security divide” is a problem, Soghoian said.
“What does it mean when the phone used by the rich is encrypted by default and cannot be surveilled? And the phones used by those in the global South, and the poor and the disadvantaged in America, cannot protect themselves from surveillance?” he asked the audience.
Soghoian’s bottom line? It’s promising that Apple has taken the lead in building devices that are encrypted by default, and in some cases even “frustrate” law enforcement surveillance. But these devices should not just reach the higher tiers of our society — the rest of Silicon Valley should follow Apple’s suit.
“Everyone should be free of surveillance,” Soghoian said.