Cellebrite Asks Law Enforcement Clients to Keep Its Phone Hacking Tech Secret
by Jo Ellen Nott
Cellebrite—the Israeli digital intelligence company that provides data extraction tools for law enforcement to collect, analyze, and manage digital data—is asking its customers to keep the technology a secret.
For years, Cellebrite has tried to keep the technology of its products secret and has urged law enforcement agencies purchasing its best-selling product, the UFED (Universal Forensics Extraction Device) to be hush-hush about using the device. A training video for Cellebrite takes it even one step further by advising the user of the hardware to stay quiet as well.
In a transcript that TechCrunch published of the training video used to teach companies about the UFED, a senior company employee emphasizes the need to keep the capabilities of the UFED secret for several reasons. The employee/instructor cautions that “it’s super important to keep all these capabilities as protected as possible” to enable Cellebrite to continue investing in research and development, to keep ahead of bad actors who try to steal the technology, to combat advances made by cellphone manufacturers to keep their product secure, and to limit unavoidable courtroom disclosures that could comprise the effectiveness of its flagship product, Cellebrite Premium.
The instructor also talks about the components of the premium UFED system and the need to physically protect the device. He calls the bits and pieces of the device “highly sensitive assets” that should not be tampered with or disabled because getting a replacement takes a long time, and during that time, the agency will lose its capability to perform data extraction from cellphones.
The training video also warns against sharing any of the premium capabilities of the UFED in face-to-face conversations, over the phone, on online discussion groups, or via email. The video advises to not disclose too much in court reports or in-house manuals or technical documents. The training reminds users that written materials can be requested by outside auditors for ISO 17025 or Freedom of Information Act requests.
Cellebrite argues that keeping its technology secret is necessary to prevent criminals from learning how to exploit it. Cellebrite’s argument that secrecy is necessary to prevent bad actors from using the technology is countered by the company’s critics who argue that this secrecy is harmful to the public interest. Legal experts are concerned that this secrecy could make it difficult for defendants to get a fair trial.
“Cellebrite’s secrecy is a problem because it makes it difficult for defendants to challenge the evidence against them,” asserted ACLU attorney Nathan Freed Wessler. “When defendants don’t know how the evidence was obtained, they can’t argue that it should be suppressed.”
Cellebrite spokesperson Victor Cooper said that it is “committed to supporting ethical law enforcement” and that the tools are made “with the utmost respect for the chain of custody and judicial process.”
Cellebrite’s secrecy is a complex issue with no easy answers. It is important to protect defendants’ rights and ensure that they have a fair trial. But it is also important to allow law enforcement agencies to use the tools they need to investigate crimes and protect public safety. Ultimately, it will be up to the nation’s courts to decide how to balance these competing interests.
Sources: Appleinsider, TechCrunch
