FBI document shows what data can be obtained from encrypted messaging apps (2024)
A recently discovered FBI training document shows that US law enforcement can gain limited access to the content of encrypted messages from secure messaging services like iMessage, Line, and WhatsApp, but not to messages sent via Signal, Telegram, Threema, Viber, WeChat, or Wickr.
The document,obtained earlier this monthfollowing a FOIA request filed by Property of the People, a US nonprofit dedicated to government transparency, appears to contain training advice for what kind of data agents can obtain from the operators of encrypted messaging services and the legal processes they have to go through.
Dated to January 7, 2021, the document doesn't include any new information but does a good job at providing an up-to-date summary of what type of information the FBI can currently obtain from each of the listed services.
As Forbes reporter Thomas Brewstersaid on Twitterearlier this week, past news reports have already exposed that the FBI has legal levers at its disposal to obtain various types of personal information even from secure messaging providers that often boast about providing increased privacy to their users.
While the document confirms that the FBI can't gain access to encrypted messages sent through some services, the other type of information they can glean from providers might still help authorities in other aspects of their investigations.
The content of the document, which may be hard to read due to some font rendering issues, is also available in the table below.
App
Legal process & additional details
Apple iMessage
*Message content limited. *Subpoena:can render basic subscriber information. *18 USC §2703(d):can render 25 days of iMessage lookups and from a target number. *Pen Register:no capability. *Search Warrant:can render backups of a target device; if target uses iCloud backup, the encryption keys should also be provided with content return can also acquire iMessages from iCloud returns if target has enabled Messages in iCloud.
Line
*Message content limited. *Suspect's and/or victim's registered information (profile image, display name, email address, phone number, LINE ID, date of registration, etc.) *Information on usage. *Maximum of seven days worth of specified users' text chats (Only when E2EE has not been elected and applied and only when receiving an effective warrant; however, video, picture, files, location, phone call audio and other such data will not be disclosed).
Signal
*No message content. *Date and time a user registered. *Last date of a user's connectivity to the service.
Telegram
*No message content. *No contact information provided for law enforcement to pursue a court order. As per Telegram's privacy statement, for confirmed terrorist investigations, Telegram may disclose IP and phone number to relevant authorities.
Threema
*No message content. *Hash of phone number and email address, if provided by user. *Push Token, if push service is used. *Public Key *Date (no time) of Threema ID creation. Date (no time) of last login.
Viber
*No message content. *Provides account (i.e. phone number)) registration data and IP address at time of creation. *Message history: time, date, source number, and destination number.
WeChat
*No message content. *Accepts account preservation letters and subpoenas, but cannot provide records for accounts created in China. *For non-China accounts, they can provide basic information (name, phone number, email, IP address), which is retained for as long as the account is active.
WhatsApp
*Message content limited. *Subpoena:can render basic subscriber records. *Court order: Subpoena return as well as information like blocked users. *Search warrant: Provides address book contacts and WhatsApp users who have the target in their address book contacts. *Pen register: Sent every 15 minutes, provides source and destination for each message. *If target is using an iPhone and iCloud backups enabled, iCloud returns may contain WhatsApp data, to include message content.
Wickr
*No message content. *Date and time account created. *Type of device(s) app installed on. *Date of last use. *Number of messages. *Number of external IDs (email addresses and phone numbers) connected to the account, bot not to plaintext external IDs themselves. *Avatar image. *Limited records of recent changes to account setting such as adding or suspending a device (does not include message content or routing and delivery information). *Wickr version number.
Of note, the table above does not include details about Keybase, a recent end-to-end encrypted (E2EE) service that has been gaining in popularity. The service was acquired by video conferencing software maker Zoom in May 2020.
Catalin Cimpanu is a cybersecurity reporter for The Record. He previously worked at ZDNet and Bleeping Computer, where he became a well-known name in the industry for his constant scoops on new vulnerabilities, cyberattacks, and law enforcement actions against hackers.
A recently discovered FBI training document shows that US law enforcement can gain limited access to the content of encrypted messages from secure messaging services like iMessage, Line, and WhatsApp, but not to messages sent via Signal
Signal
Signal is an encrypted messaging service for instant messaging, voice, and video calls. The instant messaging function includes sending text, voice notes, images, videos, and other files. Communication may be one-to-one between users, or for group messaging.
https://en.wikipedia.org › wiki › Signal_(software)
Encrypted messaging apps aren't completely safe from the FBI
According to the FBI document, law enforcement can gain access to basic subscriber information. Depending on the situation, they may also get access to 25 days of iMessage lookups from a target number.
The FBI training document reveals that the government agencies can obtain access to the encrypted message content and other details from secure messaging solutions like WhatsApp, WeChat, Viber, iMessage, Line, Telegram, Wickr, and Threema.
Maximum of seven days' worth of specified users' text chats (Only when end-to-end encryption has not been elected and applied and only when receiving an effective warrant; however, video, picture, files, location, phone call audio and other such data will not be disclosed).
The document — titled “Lawful Access” and prepared jointly by the bureau's Science and Technology Branch and Operational Technology Division — offers a window into the FBI's ability to legally obtain vast amounts of data from the world's most popular messaging apps, many of which hype the security and encryption of ...
End-to-end encryption (E2EE) is a system that, amongst others, allows mobile phone users to communicate with each other without anyone else eavesdropping. So, the police cannot listen in either, even if they are authorized to tap the communication.
4.3 Can deleted whatsapp messages be recovered by police? It is possible for police to recover deleted WhatsApp messages, but the success of these efforts will depend on a number of factors, including the type of device, the data retention policies of WhatsApp, and the encryption status of the messages.
End-to-end encryption is a security protocol that ensures that messages and data are encrypted throughout the entire communication process, from sender to recipient, and only the intended recipient is able to decrypt and read the message.
While the document confirms that the FBI can't gain access to encrypted messages sent through some services, the other type of information they can glean from providers might still help authorities in other aspects of their investigations.
There may be cases in which text messages are admissible as hearsay evidence, but it will depend on the individual facts of each case. Text messaging leaves an electronic record of dialogue that can be entered as evidence in court.
According to NARA's new guidance, electronic messages created or received in the course of agency business on personal devices are likely to be defined as federal records.
Your right to inspect your own FBI file is guaranteed under the Freedom of Information Act and the Privacy Act. Information about organizations, historical events, investigations, and government policies can be obtained under the Freedom of Information Act, 5 U.S.C. § 552.
The NSA also can monitor any computer in the world with access to certain international cables or wireless networks. This includes emails, text messages, phone calls (both cell phone and landline), Google Maps searches, Facebook posts — anything that can be monitored online is a possible target.
Telegram is also highly secure. The FBI can't obtain any message content or contact information. Telegram may give them IP addresses and phone numbers, but only for confirmed terrorist investigations.
This technology is primarily used to aid in criminal investigations. However, the catch here is the word "remotely". The fact is, in most jurisdictions, police cannot remotely access your phone without a warrant or your explicit consent.
Address: 2865 Kasha Unions, West Corrinne, AK 05708-1071
Phone: +3512198379449
Job: Design Planner
Hobby: Graffiti, Foreign language learning, Gambling, Metalworking, Rowing, Sculling, Sewing
Introduction: My name is Dong Thiel, I am a brainy, happy, tasty, lively, splendid, talented, cooperative person who loves writing and wants to share my knowledge and understanding with you.
We notice you're using an ad blocker
Without advertising income, we can't keep making this site awesome for you.