During the course of the government’s aborted attempt to force Apple to create a backdoor to access the San Berdoo shooter’s iPhone, the geeks kept muttering under their breath, “WhatsApp.” They weren’t crazy. This time. It just wasn’t the issue on the table at the moment. Focus isn’t their strong suit.
But now that the government has pretended to have cracked the iPhone problem, in the face of a potential scorched earth ruling like the one they were handed in Brooklyn, with tons of people arguing that they were full of shit and only a handful of Nancy Grace fans thinking that Jim Comey and Cy Vance were particularly handsome devils, the heat is off Apple. The time has come to consider the next new thing in encryption.
Mountain View is home to WhatsApp, an online messaging service now owned by tech giant Facebook, that has grown into one of the world’s most important applications. More than a billion people trade messages, make phone calls, send photos, and swap videos using the service. This means that only Facebook itself runs a larger self-contained communications network. And today, the enigmatic founders of WhatsApp, Brian Acton and Jan Koum, together with a high-minded coder and cryptographer who goes by the pseudonym Moxie Marlinspike, revealed that the company has added end-to-end encryption to every form of communication on its service.
The first disturbing thing is that WhatsApp is owned by Facebook. It’s not that Facebook isn’t entirely trustworthy, though it’s not entirely trustworthy and the snotty kid in charge would sell you out in a second. But even assuming Zuckerberg would take a hit by defying the government as he simultaneously datamines your life to sell to anyone with a buck, WhatsApp seems to offer a means of privacy that even he can’t screw up.
From the outset of the debate over digital privacy, it was my view that the nerds didn’t “get” how the government, the courts, would deal with it. They argued code. They’re so naïve, I responded. Some judge will eventually get bored listening to a lawyer explaining the technical details of encryption, turn to his courtroom deputy and say, under his breath, “enough of this shit, call the Marshals.” He would then announce, in his best stentorian voice, “you are held in contempt for your refusal to comply with this court’s order. Marshals, take charge.”
The law is a bludgeon.
I would give the nerd a week in the pokey, unable to sit down, before he starts begging to code, hacking like his life depends on it. Can you see Zuckerberg eating nutraloaf? I can’t. It’s hard after you’ve experienced a ’62 Margaux.
In other words, the government doesn’t have to outsmart encryption. It just needs to get a judge, one judge, one dinosaur judge, to drop the hammer. The law doesn’t need to explain itself to everyone’s satisfaction. It just needs some simple black letter rule, like “the law is entitled to every man’s evidence,” to make its ruling stick. How you get to that evidence is your problem. How the law makes you get there is easy. Bludgeon.
But maybe, just maybe, in the war of attrition between the government and devs, there is another factor at play that alters the calculus. If the government “cracks” one iPhone, a new app will spring up to take its place. If the government jails the guy who refuses to spew about the next encrypted drive, ten new apps will appear. A hundred. A thousand.
You see, it’s not that the Department of Justice doesn’t have a bunch of smart, zealous lawyers working for it, all bent on getting either a corner office at Biglaw or a bench of their own someday. They’re up to their eyeballs in future Bill Otises, until they get a new paymaster (at which point they’ll “see the light”). And they certainly don’t lack for funds, since there will always be more money in your pocket from which to fund their critical mission to save us from the terrorists.
No, the DoJ’s got a strong hand to play. But there are nerds out there. Lots of nerds. Lots and lots of nerds. And if they start writing code, start creating apps, start encrypting, and keep encrypting, they may create more nightmares for the government than the court has bludgeons.
Sure, some will suffer. The early adopters, the thought-leaders, the ones who have the grave misfortune of finding themselves in the government’s cross-hairs. They may even be tortured, if the government is shifty enough. Could they withstand porn-boarding, being forced to learn that sexual relations exist off the internet but just out of their reach beyond the cell door? Would they hold up?
There would be “messages” sent to the other coders, that if they persist in defying the government’s bludgeon, they too will find themselves unable to check their twits.
But if they are strong enough to withstand the pressure, to be willing to take one for the team, to find strength in binary numbers, they could prevail. WhatsApp may be the latest flavor of encryption, end to end, but if there is more, a hundred more, a thousand more, can the government beat them all?