The major problem law enforcement faces in obtaining digital evidence is not the encryption of devices but figuring out which company holds the relevant data and how to get it, according to a study released Wednesday by the Center for Strategic and International Studies.
Though much of the debate around access to digital evidence has focused on the challenges law enforcement agencies face in cracking encrypted devices or decoding encrypted data, CSIS researchers William A. Carter and Jennifer Daskal have found that the biggest hurdle is actually identifying the phone or email service provider that holds the data.
Obtaining the data sought once the company has been identified ranks a close second, they found.
The issue may seem obscure, but it matters to the thousands of state and local police departments that investigate the majority of violent crimes in the country, the researchers said. In the past, agents with a search warrant could conduct searches of a house or other property on their own, but today more and more of the evidence they seek lies in communications stored by distant technology firms.
The study was based on a survey of hundreds of federal, state and local agencies across the country as well as on dozens of in-person interviews with representatives from a range of entities, including the FBI, state and local law enforcement, major tech firms and privacy groups.
Law enforcement representatives reported that they face problems gaining access to and using digital evidence in more than a third of their cases, a statistic the authors said they expect to grow if national attention is not brought to the issue.
A large part of the problem is a lack of trust between law enforcement and the service providers, the authors found.
“Law enforcement officials expressed deep frustration at what they perceive as slow response times and the inability to talk to an actual human being on the provider side who can help them work through any issues with requests,” the study said.
The officials said they felt that requests for data were rejected if they did not use “the right ‘magic words’ ” or use the same terms as providers, the authors wrote.
Officials also suggested that some companies were deliberately seeking to bar access to data, even when the agency had a warrant or other legal order. They complained that data was turned over in unwieldy or unstructured formats. And, in particular, they voiced concern that data was being made available to advertisers and other business customers that was not shared with them.
The tech firms, for their part, “described deep-seated frustration with what they viewed as overbroad and boilerplate requests from law enforcement,” the study found. “They argued that law enforcement does not appreciate their dual responsibility” to comply with lawful data requests and protect their users’ privacy.
In particular, the report said, providers complained of requests that were not “appropriately tailored.”
Company representatives also described efforts to train law enforcement and develop guidance to help investigators know what to ask for.
The study found that the number of law enforcement requests for data has increased significantly over time. Last year, there were more than 130,000 requests for digital evidence to just six tech companies — Google, Facebook, Microsoft, Twitter, Oath (formerly Yahoo) and Apple. Facebook and Google got the bulk of the requests.
That compared with about 88,000 such requests to those six companies in 2014.
But the response rate has remained consistent. Companies are rejecting more requests in absolute numbers but at the same rate of roughly 20 percent, the study found.
Carter and Daskal called on Congress to authorize the Justice Department to set up a national digital-evidence office to address the problems. The office, they said, should work with federal, state and local law enforcement and facilitate cooperation with service providers.