A federal judge in California ruled this month that the government cannot force Facebook to break the encryption on its popular Messenger voice app in a criminal case in which agents wanted to intercept a suspect’s conversations, according to several individuals familiar with the case.
The decision, which remains under seal, dealt a setback to the Justice Department, which sought to compel Facebook to figure out how to give it access to the encrypted communications.
It is a welcome development, however, for tech firms as they try to fend off government pressure to design their devices and services to accommodate surveillance while they build stronger encryption to safeguard their customers’ privacy.
The legal battle arose from an investigation in the Eastern District of California into the MS-13 gang, a violent transnational criminal group whose members President Donald Trump calls “animals.” Trump has cited crimes committed by MS-13 members as justification in part for his hard-line immigration policies.
The ruling was first reported Friday by the Reuters news agency.
Federal law requires telecommunications providers to build their systems with wiretap capabilities, but Facebook Messenger wasn’t a service covered by the statute, the company argued. The company built Messenger with “end-to-end” encryption, meaning that the voice signals are encrypted in transit between phones, and the firm has no means to decode them.
Devising a way to give law enforcement access to Messenger voice calls would be burdensome and costly, and would exceed the Wiretap Act’s “technical assistance” provision, Facebook argued. The judge sided with the company, according to people familiar with the case.
In August, the department sought to hold Facebook in contempt for refusing to carry out its surveillance request, Reuters reported.
Facebook and the Justice Department had no comment Friday.
The Wiretap Act provision states that the company “shall furnish technical assistance necessary to accomplish the interception unobtrusively and with a minimum of interference” to the service.
“The question in these cases often is, ‘What’s the minimum of interference?’ ” said Jennifer Granick, surveillance and cyber-security counsel at the American Civil Liberties Union.
The Fresno case has played out quietly in contrast with the high-profile showdown in early 2016 between the Justice Department and Apple. The government sought to force Apple to break into a dead terrorist’s locked iPhone as part of an investigation into the attack in San Bernardino, California, that left 14 dead and 22 injured.
In that case, federal authorities served a court order on Apple to force it to disable a security feature that wipes the phone’s data after 10 incorrect attempts at entering a password. Just before oral arguments were to begin, the FBI found a third-party solution to crack the device and the department withdrew its motion.
The case reignited a national debate over how to reconcile competing desires to protect public safety and safeguard user privacy. The Obama administration wrestled with the issue and opted not to pursue legislation to force tech companies to build surveillance capabilities into their services.
Under Trump, the Justice Department is taking a more aggressive posture.
“Warrant-proof encryption is a serious problem,” Deputy Attorney General Rod Rosenstein said in a speech in October. “Technology companies almost certainly will not develop responsible encryption if left to their own devices,” he said. “They are in the business of selling products and making money . . . We are in the business of preventing crime and saving lives.”
He did not offer specific policy proposals, but did not rule out legislation.
“There is broad concern among the Internet and telecommunication companies about what the limits of ‘technical assistance’ provisions are and how much private sector engineers can be forced to solve the government’s access problems,” said Mieke Eoyang, vice president for the national security program at Third Way, a center-left think tank.
“There are very serious questions about Congress’ ability to understand the technical challenges to be able to effectively regulate in this area.”