Abstract: As the use of encryption and other privacy-enhancing technologies has increased, government officials in the United States have sought ways to ensure law enforcement’s capability to access communications and other data in plaintext. One of those methods is government hacking, also called “equipment interference.” Government hacking allows investigators to exploit hardware and software vulnerabilities to gain remote access to target computers. Some experts believe regulated government hacking is preferable to proposals for mandatory “backdoors” for accessing encrypted data. However, the security risks of government hacking have not been thoroughly explored. Understanding those risks is necessary for technologists and policymakers assessing the desirability of government hacking as a responsible option for law enforcement to achieve its objectives.
The Center for Internet and Society at Stanford Law School is a leader in the study of the law and policy around the Internet and other emerging technologies.