As much as I love capitalism, there's a few differences as you go up in tiers beyond just room limits. Today the most notable is the ability to manage more than one office location. In time it will will expand since certain things (i.e. SAML, high resolution analytics, audit logs) aren't needed by the typical 5 conference room company. The more stuff you're managing, the more complex the relationships become -- not just an N + 1 operation.
It's generally not a dealbreaker for most offices. With external battery packs you can get extra days, or you could just get a free standing mount that moves closer to a nearby outlet. Most commercial buildings require power every 8 feet or so on walls, so you're rarely in a power desert.
Couple perspectives you might find interesting (I say this having to learn the lay of the land over the past year myself):
Most offices are designed with 1 conference room per 10-20 employees. If you have 15 conference rooms you probably have well over 100 employees and many millions in payroll. Those people presumably have many meetings, and the cost of not being able to get their job done is measurable.
Conference rooms can be between 200-300 sq feet, so if you have a 15 of them you're looking at several thousand sq ft on your lease. Depending on where you are in the world, that's probably around $10K/month or so in real estate.
The effective rate is about $17/month/room, which in most cases is tiny compared to the cost of mismanaging office space and productive time above.
1 conference room per 20 employees? Really? That ratio is much higher than I've seen at any of the companies I've worked at. 10 seems nearer to the mark.
We have 300 employees in this particular location. We bought an alternative solution for $12k with a licence for up to 75 rooms, for a one-time fee.
I don't support what the government is trying to do here, but minimizing this issue like this is not doing us any favors.
The issue isn't that law enforcement can no longer "look around" your phone. The issue is that they can no longer get a warrant and use what is on your phone as evidence in an investigation or court case without the phone owner's cooperation. Basically your phone goes from being personal property that can be used against you as evidence to an extension of your mind that is now subject to 5th amendment protection. That is a big shift.
In terms of your originally analogy, encryption isn't a simple door lock, it is a magical warrant proof lock. I certainly understand why law enforcement wouldn't be happy about this.
We should ban the ownership of non-trivial safes for the same reason then. We should also prevent people from writing things in non-approved languages, in case in makes the understanding of things more difficult when a warrant is served.
Hell, if I just hide my information in a stack of a million other paper files, that would be enough to thwart all but the most determined investigator from accessing it without my cooperation.
A long time ago I worked in a guarded military vault with lots of safes - I've never seen one that would take more than an hour or two to break into. The idea is to slow an attacker down long enough that they can be detected and security can get on the scene to deal with them.
None of your examples would prevent an investigator from finding evidence, only delay them. Strong encryption enabled by default could slow down an investigation to the point where it would go on past the heat death of the universe.
There have always been tools and procedures for destroying documents to prevent unwanted access.
What's very very bad about this, in addition to the direct effects on people's privacy, is that it creates a class system of people who are allowed access to strong encryption while the cattle being farmed on this plantation are not.
What's very very bad about this, in addition to the direct effects on people's privacy, is that it creates a class system of people who are allowed access to strong encryption while the cattle being farmed on this plantation are not.
This restricts access to strong encryption by a broad range of ordinary people. It's discriminatory. It creates a class system. Shepherds and mutton-eaters vs. the sheep. "Privacy for the rich/powerful/savvy, but not for you."
Yes, I understood that. What I didn't understand is what you meant by "this". Do you mean, the move by Apple and Google? Or the FBI? And in any case, how so?
They can get a warrant, and they can use anything they find as evidence.
Encryption might make it hard for them to find much of use, but that's not our problem. A really sturdy safe will make it difficult to execute a warrant too, but that's not an argument for deliberately compromising the integrity of safes.
I can, of course, understand why law enforcement wouldn't be happy about this. They shouldn't be happy about this. But the rest of us should be perfectly happy to tell them to pound sand.
As I've pointed out in another comment on the thread, I've never come across a safe that couldn't be drilled in a few hours, and that's without any government intervention to compromise their integrity. Strong encryption is an entirely different beast.
How about encasing something in 20ft of reinforced concrete and then sinking it to the bottom of the ocean?
Strong encryption may be tougher to break but I disagree that it's entirely different. It's merely a quantitative difference. It's a standard principle that the police can break into whatever they can if they have a warrant, but they can't force you to make things easy for them ahead of time.
You can keep coming up with analogies that are increasingly more difficult for the cops to get into, but ultimately it's just an exercise in sophistry. Only when people begin commonly storing their belongings inside 20ft of reinforced concrete at the bottom of the ocean will it become analogous to seeking a warrant to gain access to their phone.
Law enforcement (and the powers it necessarily must be granted) is intended to be harder. That's the whole point of the various requirements and procedures that make up "due process". Yes, we could catch more criminals a lot faster if we relaxed those requirements, but history shows that always increases the error rate.
If the situation has changed and there are legitimate law enforcement needs that simply didn't exist in the past, then they should request a change to the social contract through legitimate channels and propose the necessary amendment to the constitution. Law enforcement's failure to even try going through proper channels speaks loudly to how little they actually respect the law.
> Law enforcement's failure to even try going through proper channels speaks loudly to how little they actually respect the law.
Why do you say they aren't going through the proper channels? Law enforcement officials have just as much right to make their viewpoints heard through the press as you and I have. If they feel the need to seek new legislation, they would need to make the argument in advance in order to gain support any bills being proposed. Unless the Supreme Court thinks otherwise, I doubt a constitutional amendment would be necessary, but that depends largely on what was being proposed. I haven't seen any evidence that any law enforcement official is disrespecting any law with regards to this issue.
Parallel construction is one huge disrespect for the law; it hides the real accusation and necessarily requires hiding evidence from the defendant. It is a blatant attempt to bypass the "fruit of the poisonous tree" doctrine and the 4th amendment. There are probably other legal problems too, depending on the specifics of the case.
I'm not really suggesting that an amendment is (or should be) necessary, because the surveillance that is going on (and being passed down[1] from the NSA to the FBI, DEA, and local departments). These activities should not be necessary at all for law enforcement, as the warrant system is easily sufficient to allow any necessary searches. Even if a specific device such as cell phone is inaccessible (despite having a valid warrant), that doesn't stop any policeman from conducting traditional (in person) surveillance or upstream wiretaps.
Yet police insist they need far broader access and we have numerous examples of the 4th Amendment warrant requirements being ignored[2]. IFF their claims have merit, the proper way to get exceptions to needing warrants would be an amendment, which has not been suggested. There could be some edge cases where "merely" a circuit court or SCOTUS ruling could "find" additional powers for police, but it doesn't matter - I don't see the the various TLAs trying to setup a test case on this matter, either. Instead we see many cases where law enforcement (and/or people in Obama's administration) have tried to prevent lawsuits from going forward.
[1] [pdf] https://s3.amazonaws.com/s3.documentcloud.org/documents/1011...
Some of the training slides and request forms. Especially interesting is how often they repeat the need to keep the practice secret, including having a 24-hour hotline local police can use to get advice on how to hide the source even if they have to immediately give testimony in court. I believe (and a friend of mine who is a lawyer agrees) that these repeated statements like "To use it, we must protect it, or lose it." easily counts as mens rea.
[2] Riley v. California being a notable exception, though I know at least two friends that had their phones searched (in their presence) just a couple weeks ago in Oakland, CA; some departments haven't gotten the message yet, unfortunately.
Two points with regards to that: 1) Parallel construction has nothing to do with the iPhone encryption issue. 2) People tend to overlook a few key points from the original Reuters article[1] that introduced the concept of parallel construction:
(emphasis mine)
"...Today, the SOD offers at least three services to federal, state and local law enforcement agents: coordinating international investigations such as the Bout case; distributing tips from overseas NSA intercepts, informants, foreign law enforcement partners and domestic wiretaps; and circulating tips from a massive database known as DICE. ...
...Wiretap tips forwarded by the SOD usually come from foreign governments, U.S. intelligence agencies or court-authorized domestic phone recordings. Because warrantless eavesdropping on Americans is illegal, tips from intelligence agencies are generally not forwarded to the SOD until a caller's citizenship can be verified, according to one senior law enforcement official and one former U.S. military intelligence analyst."
Nonsense - parallel construction (and any other widespread use of the capabilities the NSA/etc is providing to other "their customers" (DEA/FBI/various-local-PD)) is likely the primary reason for this attack on Apple and encryption on the iPhone. The data covered by that kind of encryption would likely be of very limited use for national security; the NSA gets most of the data at the backbone switches anyway, and encryption doesn't do anything to prevent relationship mapping from logs of routing metadata. Also, any kind of targeted investigation could simply bypass encryption by installing custom firmware. Several of the tools in the TAO catalog were based on that style of attack.
What would be lost with local iPhone encryption keys is the ability to gather large amounts of data by strong-arming Apple (Prism, possibly). Note that most of the people freaking out over Apple's changes are not NSA. It is law enforcement who is fearing losing their access; the same law enforcement that would be using parallel construction to actually use the data that logically they didn't have a warrant to search and seize. (if they did have a warrant, they can bypass the encryption with various other ways, which apparently includes compelling passwords)
As for the Reuters article, I linked to a specific document that was a follow-up to that Reuters article, which had very little to do with foreign governments, and a lot to do with protecting access to the surveillance infrastructure. If you want the TL;DR version (understandable; it's 300 pages of slides and forms), [1] is a decent overview though it lacks some of the relevant details.
This issue has absolutely nothing to do with the NSA. As you point out yourself, this applies only to data stored locally on the phone. When was the last time the NSA had physical access to your phone?
Your argument seems to be that law enforcement wants to keep the phones unencrypted so that they can seize them with a warrant, hand them over to the NSA, and then the NSA can hand the data back to the police using "parallel construction" in order for the police to hide where the data came from (i.e.: acquired lawfully by the police with a warrant)
> Basically your phone goes from being personal property that can be used against you as evidence to an extension of your mind that is now subject to 5th amendment protection.
Actually, it does not go that far. The 5th Amendment protects people from being forced to inciminate themselves. Otherwise, a person could be charged with contempt of court, obstruction of justice, or similar crimes. Someone who refuses to decrypt their data when subject to a warrant will face that penalty, just like someone who refuses to answer a subpeona or destroys documents relevant to a counrt case.
Whether or not giving up a password or unlock code is protected by the 5th amendment is itself a gray area that the courts are still sorting out.
I would prefer to have the password NOT be protected by the 5th amendment and have strong encryption on phones than not have strong encryption on phones. That seems like the only way to prevent casual warrantless rummaging.
"Basically your phone goes from being personal property that can be used against you as evidence to an extension of your mind"
Yes, and...? That sounds about right. An implanted device wired directly to your brain seems like the ultimate conclusion to this age of "wearables" we're just now entering.
For series 10, absolutely. Their series 20 seems to have better battery life (4 AA), but they need to "approve" you in order to purchase them... still yet to see one in the wild.
Love this. We've been working on a version of this for the office at Robin (http://getrobin.com). Biggest challenge so far has been getting interop across Android and iOS. Beacons are reliable if you have a binary "are they or aren't they here?" but a bit harder to map to smaller rooms when certain Android devices register a signal difference of 4X depending on physical orientation -- that was a fun one to figure out.
