"We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement, without materially weakening the security provided by encryption."https://arstechnica.com/tech-policy/2019/07/tech-firms-can-and-must-put-backdoors-in-encryption-ag-barr-says/
He also accused tech firms of "dogmatic" posturing, saying lawful backdoor access "can be and must be" done, adding, "We are confident that there are technical solutions that will allow lawful access to encrypted data and communications by law enforcement, without materially weakening the security provided by encryption."
So, from an administrative standpoint, how will this work?
1. Will Apple and Google spy on devices that run Android or iOS, and pass on what they find to a police officer with a warrant?
2. Will police have some sort of master key provided by Apple and Google that will allow them to spy on devices?
If (1), how, exactly, will Apple and Google verify the warrants? What if employees of Apple and Google decide to spy on devices without seeing a warrant presented by a police officer? How would this be detected? How will Apple and Google verify that the warrant is real? (Fake court orders presented to Google to de-list sites are already a huge problem.)
If (2), how will police officers be physically prevented from spying on devices without a warrant? How could that prevention be possible? How could unauthorized use be detected?
If either (1) or (2), there would have to be a way to access the device being spied on.
1. This could be done with a physical device made by Apple or Google, or
2. It could be done with software created by Apple or Google.
If (1), how is access to this device to be supervised? If someone can obtain access to the device, it can be reverse-engineered. How can you guarantee that unauthorized access is impossible? If a work-alike device is created, how can this be detected? How can its use be detected?
How can you prevent the engineers at Apple and Google that made the devices from making devices of their own that serve the same functions? How can you detect whether such a device exists and is being used?
If (2), the same questions apply. With software, there is also the question of how you can guarantee that unauthorized copies aren't made. Copying a physical device takes time and money. Copying software is essentially instantaneous and completely free of cost. (People who make unfree software are always complaining about this fact.)
My point is that what Barr thinks of as the "technical solutions" are probably not the hardest problems to solve to get what Barr wants. I've asked many questions here that I'm not sure can be answered, even in principle. Creating software and hardware is easy. Creating people with power that don't often abuse that power is a problem that's always existed, and, after about 200 millennia, no progress has been made toward a solution. Until we can deal with the corruption caused by present police powers, isn't it foolish to create whole new powers.
He's tired of "dogmatic announcements that lawful access simply cannot be done."arstechnica.com