Amid an Inconclusive Answer on Encryption, Hillary Reveals She Doesn’t Understand How Metadata Works

Less than a mile from my house (at a small local tech firm called Atomic Object), Hillary Clinton got asked a question about encryption. After talking about the role of encryption in Atomic Object’s own work, one of the women asked (after 14:00; recording cuts out during her question),

What steps do you think government needs to take to make sure that the companies who build these,  create these products, keep our data secure. And also looking at the controversy between Apple and the FBI about encr–

After describing Healthcare.gov as the biggest tech failure in government because “it just didn’t really gel and there wasn’t enough testing,” Hillary admitted (in an apparent non sequitur) the government doesn’t do a good enough job protecting its own data.

We are woefully behind in the government in even protecting our own stuff. And so we’ve got to do a better job if we’re going to be a good partner with businesses to try to maintain privacy of data, whether it’s just customer data or whether it has real public consequences.

She then pivoted from what (I thought) was a project management issue, not a security one, to a long answer on the Apple v FBI that basically admitting not knowing (or being willing to say) what the right answer was.

With respect to the current legal controversy, between Apple and the FBI, I am someone who is just feeling like I am in the middle of the worst dilemma ever. I mean, think about it. Because there’s got to be some way to protect the privacy of data information. There’s got to be some way to avoid breaking encryption, however you describe it, and opening the door to a lot of bad actors. But there also has to be some way to follow up on criminal activity and prevent both crimes and terrorism. You guys are the experts on this. I don’t know enough about it to tell you how to do it. But I think that the real mistrust between the tech companies and the government right now is a serious problem that has to be, somehow, worked through.

I keep saying, you know, we have a lot of smart people in this country. You know, we invented the Internet, we invented, you know, the Internet of Things, we’ve invented all of this. Isn’t there some way without opening the door and causing even, you know, more and worse consequences to figure out how you get information?

Because I’m also very understanding of the position that law enforcement finds itself and and if any one of you were working at Quantico in the FBI lab, and you know, you had this phone that one of the terrorists in San Bernardino did and you wanted to find out who they communicated with and you know that could trace us back to somebody in this country, it could trace us back more clearly to somebody directing it overseas. You’d want to know that too.

So that’s what we need help on, so that we don’t make a grave error that affects our ability to maintain privacy and to protect encryption, but we also don’t open the door — because we know what happens, is these guys that are on the other side of us now, with ISIS and the like, they are really smart. A lot of them are well-educated. They’re not the image of just some poor guy coming to be a Jihadist. They are educated, they are increasingly computer literate, they are wanting to wage as much war and violence on Europe, the United States, as they can. They have learned, so they’re now using encrypted devices, why wouldn’t they? You know why would they be so stupid to continue to allow us to monitor where they are and what they’re doing? This is a problem. And it’s a problem we’ve got to come up with some way to solve. But I certainly am not expert in any way to tell you how to do it.

Right in the middle, however, Hillary reveals not understanding a key part of this controversy. To the extent Syed Rizwan Farook used the Apple software on his work phone to communicate with accomplices, we know who he communicated with, because we have that metadata (as Admiral Mike Rogers recently confirmed). We just don’t know what he said.

We wouldn’t necessarily know who he talked to if he used an App for which metadata was more transient, like Signal. But if so, that’s not an Apple problem.

Moreover, if ISIS recruits are — as Hillary said — smart, then they definitely wouldn’t (and in fact generally don’t) use Apple products, because they’d know that would make their communications easily accessible under the PRISM or USA Freedom programs.

This response is not really any different from what we’re getting from other to Obama officials. But it does come with some indication of the misunderstandings about the problem before us.

Marcy has been blogging full time since 2007. She’s known for her live-blogging of the Scooter Libby trial, her discovery of the number of times Khalid Sheikh Mohammed was waterboarded, and generally for her weedy analysis of document dumps.

Marcy Wheeler is an independent journalist writing about national security and civil liberties. She writes as emptywheel at her eponymous blog, publishes at outlets including the Guardian, Salon, and the Progressive, and appears frequently on television and radio. She is the author of Anatomy of Deceit, a primer on the CIA leak investigation, and liveblogged the Scooter Libby trial.

Marcy has a PhD from the University of Michigan, where she researched the “feuilleton,” a short conversational newspaper form that has proven important in times of heightened censorship. Before and after her time in academics, Marcy provided documentation consulting for corporations in the auto, tech, and energy industries. She lives with her spouse and dog in Grand Rapids, MI.

14 replies
  1. Bay State Librul says:

    Yeah. She knows nothing about software security and encryption. Leave it to the experts at Apple.

    Further proof that her e-mail fiasco was a case of mismanagement, rather than a nefarious plot?

    • jo6pac says:

      I totally agree and what a great escape and in the clinton world just another passenger thrown under the bus. It’s just another little person. I would like to think with even with my old tin-foil-hat on nothing happens to him. Oh right attacked by sharks while on vacation in Iowa;)

  2. orionATL says:

    complaining secretary clinton doesn’t know anything about metadata

    seems like an updated version of the old presidential-candidate complaint

    ” X isn’t fit to be president. he doesn’t even know the capital of magadishu” :))

    • emptywheel says:

      FOR FUCK SAKE ORION you’ve gone off your rocker.

      This site writes about national security and civil liberties. There is a BIG case going on, on this topic. It is one I’ve written about most top US officials as well. To suggest I’m picking on your poor little candidate bc she doesn’t know issues she’s been involved in (this was evident from her emails, btw) is well beyond batshittery.

      It so happens Hillary hasn’t answered this question elsewhere. It is NEWS that she did here. Not some fucking conspiracy theory.

      • orionATL says:

        no, i am quite steady and focused in my questioning.

        yes, this site does indeed writes about national security.

        yes, there are important cases abounding (and not just apple) that involve technical matters related to surveillance.

        but, that is not the issue i raise.

        the issue i raise is of fairness, of even-handedness, of playing gotcha with the candidates for the presidency.

        in 2008 the candidate you supported was obama.

        in 2008 there was a major recession going on.

        in 2008 i would have considered it a bonus if a presidential candidate knew something about economics, but i personally would not have made an issue of it if, as expected, they did not.

        in 2016 it would be a bonus if a candidate, ANY candidate, knew anything consequential about surveillance, like the importance of metadata, but i would expect NONE do.

        in 2000 a big deal was made of george bush not knowing his geography. it proved an inconsequential complaint.

        • orionATL says:

          @7 i wrote this:

          “… in 2016 it would be a bonus if a candidate, ANY candidate, knew anything consequential about surveillance, like the importance of metadata, but i would expect NONE do… ”

          i take the “none do” back.

          of the four major candidates – sanders, clinton, cruz, and trump – i’d bet only one candidate can articulately describe “metadata”.

          that would be ted cruz.

        • emptywheel says:

          Actually in 2008 Hillary and Obama were indistinguishable to me until such time as Hillary started treating MI’s primary as a real vote. I didn’t so much “support” Obama as “oppose” the campaign Hillary ran, as their policies were largely a wash.

          As for writing about what a candidate says in an almost unnoticed event I got notice of because it is quite literally in my neighborhood on a topic I write about all the time? If you have a problem with that you may stop frequenting this site, as it couldn’t be more squarely in my beat.

          • orionATL says:

            1) you were indeed offended by the campaign clinton ran in 2008.

            2) you are indeed offended in 2016 by the campaign clinton is running in 2016 according to multiple of your tweets printed here.

            3) there is no question of surveillance being your beat.

            4) even if surveillance weren’t your beat, it’s your weblog; you can write any damn thing you please.

            5) my criticism of this particular post clearly had nothing whatsoever to do with #3 or #4.

            it had to do with “what’s the point?”. who expects clinton, or sanders, or trump to know this? who really expected george bush to know his capitals? and what difference did it make to his presidency?

            6) as i’ve said here previously, if my commenting so offends you, send me an email asking that i not comment. i’ll honor that request.

  3. orionATL says:

    question for ew:

    when you were supporting candidate obama in 2008, did you question whether he knew anything about economics?

  4. P J Evans says:

    I’d guess that most people in Congress are clueless about metadata. (Some of them probably have never met the word.)

  5. lefty665 says:

    ” if any one of you were working at Quantico in the FBI lab, and you know, you had this phone that one of the terrorists in San Bernardino did and you wanted to find out who they communicated with and you know that could trace us back to somebody in this country, it could trace us back more clearly to somebody directing it overseas. You’d want to know that too.”
    .
    As you said from the headline on EW, Hillary apparently doesn’t understand metadata, or more likely finds it convenient not to. The FBI knows who that phone talked to, when, for how long and where both ends were.
    .
    Also, from what we’ve seen over decades, there likely is not much of any one at the FBI, Labs or otherwise, who could figure out what they’ve got in front of them.
    .
    You’ve remarked and documented several times that Comey has described the need for decryption as local criminal cases, not national security. The inference from his description of the non-response FBI got when they asked for help on the San Berdo phone is that NSA has the access they need (maybe even with Apple’s help) and they’re not going to let the FBI compromise it so local yokels can resolve fender benders.
    .
    The ticking bomb scare tactic was sleazy when invoked to justify torture. It is just as slimy when applied to encryption.

  6. Procopius says:

    It’s interesting that she doesn’t know what the metadata is, but what I find most annoying is, “… you had this phone that one of the terrorists in San Bernardino did …” From everything made public so far I’m convinced that Farook and his wife were not “terrorists” in any normally accepted definition, but were, collectively, a “disgruntled employee.” We don’t know the full story about *why* they stockpiled those weapons, especially the pipe bombs, but it seems more and more obvious that the people Farook worked with bullied him about his religion for years, something really egregious happened at the Christmas that caused Farook to leave in a rage, and that he, with his loyal and loving wife, came back a few minutes later to avenge his honor. Of course this runs entirely counter to the strategy of dividing and conquering the 99%, so the story has slipped out inadvertently, if dribbles that have never been followed up on. Yeah, I like some conspiracy theories more than others.

    • Procopius says:

      Whoops! inadvertent second posting. I was hoping to edit, not repost with a single word changed. In the above post, “… the Christmas …” should have been “… the Christmas party …” Please ignore the above and consider only the following post.

  7. Procopius says:

    It’s interesting that she doesn’t know what the metadata is, but what I find most annoying is, “… you had this phone that one of the terrorists in San Bernardino did …” From everything made public so far I’m convinced that Farook and his wife were not “terrorists” in any normally accepted definition, but were, collectively, a “disgruntled employee.” We don’t know the full story about *why* they stockpiled those weapons, especially the pipe bombs, but it seems more and more obvious that the people Farook worked with bullied him about his religion for years, something really egregious happened at the Christmas party that caused Farook to leave in a rage, and that he, with his loyal and loving wife, came back a few minutes later to avenge his honor. Of course this runs entirely counter to the strategy of dividing and conquering the 99%, so the story has slipped out inadvertently, if dribbles that have never been followed up on. Yeah, I like some conspiracy theories more than others.

Comments are closed.