SurveillanceHolding law-enforcement accountable for electronic surveillance

By Adam Conner-Simons

When the FBI filed a court order in 2016 commanding Apple to unlock the iPhone of one of the shooters in a terrorist attack in San Bernandino, California, the news made headlines across the globe. Yet every day there are tens of thousands of court orders asking tech companies to turn over Americans’ private data. Many of these orders never see the light of day, leaving a whole privacy-sensitive aspect of government power immune to judicial oversight and lacking in public accountability.

To protect the integrity of ongoing investigations, these requests require some secrecy: Companies usually aren’t allowed to inform individual users that they’re being investigated, and the court orders themselves are also temporarily hidden from the public.

In many cases, though, charges never actually materialize, and the sealed orders usually end up forgotten by the courts that issue them, resulting in a severe accountability deficit.

To address this issue, researchers from MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) and Internet Policy Research Initiative (IPRI) have proposed a new cryptographic system to improve the accountability of government surveillance while still maintaining enough confidentiality for the police to do their jobs.

“While certain information may need to stay secret for an investigation to be done properly, some details have to be revealed for accountability to even be possible,” says CSAIL graduate student Jonathan Frankle, one of the lead authors of a new paper about the system, which they’ve dubbed “AUDIT” (“Accountability of Unreleased Data for Improved Transparency”). “This work is about using modern cryptography to develop creative ways to balance these conflicting issues.”