The problem with giving law enforcement access to so many databases full of personal info and so many tech tools to fight crime is that, inevitably, these will be abused. This isn’t a law enforcement problem, per se. It’s a people problem. When the job demands the best people but still needs to maintain minimum staffing levels, things like this happen:
A French police officer has been charged and arrested last week for selling confidential data on the dark web in exchange for Bitcoin.
French authorities also say the officer advertised a service to track the location of mobile devices based on a supplied phone number. He advertised the system as a way to track spouses or members of competing criminal gangs. Investigators believe Haurus was using the French police resources designed with the intention to track criminals for this service.
He also advertised a service that told buyers if they were tracked by French police and what information officers had on them.
The discovery of the officer’s misconduct came to light after French police shut down a dark web market. That there was a cop selling cop stuff to criminals on the dark web is inevitable. If it wasn’t this investigation, any of the dozens of others happening around the world would have uncovered a law enforcement officer doing bad things. Two of the federal agents involved in the Silk Road investigation ended up being charged with money laundering and wire fraud after they stole Bitcoin and issued fake subpoenas to further their own criminal ends.
Again, it’s a people problem — one that’s present anywhere people are given power and access not present in most jobs. The problem is government agencies, in particular, tend not to hold their own employees accountable and work hard to thwart their oversight. The more brazen examples of government malfeasance are enabled by the dozens of smaller infractions that go unpunished until they’re the subject of a lawsuit or government investigation.
More to the point, this is exactly why no government agency — not to mention the private companies involved — should be allowed to utilize encryption backdoors, as the EFF’s Director of Cybersecurity, Eva Galperin, pointed out on Twitter. It’s not just about the hundreds of malicious hackers who will see an inviting, new attack vector. It’s that no one — public or private sector — can be completely trusted to never expose or misuse these avenues of access. And since that’s a fact of life, sometimes the best solution is to remove the temptation.