Phone hacking tech firm asks cops not to disclose its use

A leaked video shows a senior employee asking law enforcement officials to keep the tech "hush hush."
Loukia Papadopoulos
Representational image of a phone being hacked.jpg
Representational image of a phone being hacked.

Tero Vessaleinen/iStock 

TechCrunch has obtained a leaked video of a senior Cellebrite employee telling law enforcement customers who use its tech to keep it “hush hush.” Cellebrite is a firm that provides phone hacking technology to police and government officials around the world.

“Ultimately, you’ve extracted the data, it’s the data that solves the crime, how you got in, let’s try to keep that as hush hush as possible,” said the employee, which TechCrunch did not name, in the clip.

Problematic disclosure practices

TechCrunch also provided a full transcript of the leaked video which revealed many problematic statements about Cellebrite’s disclosure practices.

“In a bit more detail, these capabilities that are put into Cellebrite Premium, they are actually trade secrets of Cellebrite, and we want to continue to ensure the viability of them so that we can continue to invest heavily into research and development, so we can give these abilities to law enforcement globally. Your part is to ensure that these techniques are protected as best as you can, and to either consider them as “law enforcement sensitive” or classify them to a higher level of protection in your individual country or agency,” said the employee.

This seems like a far cry from a report in April of 2021, where the company was actually glad to share with media how it had helped catch two kid murderers in Brazil.

The news of the leaked video is troubling to say the least. A powerful tool such as Cellebrite’s can be used to make or break a case and should therefore be disclosed in a court of law. Which begs the question: why does the firm want to keep its tech secret?

In the video, the Cellebrite employee argued that disclosing the tech’s use could help criminals avoid being caught through its methods.

“If the bad guys find out how we’re getting into a device, or that we’re able to decrypt a particular encrypted messaging app, while they might move on to something much, much more difficult or impossible to overcome, we definitely don’t want that.”

A disservice to defendants

Although this may seem like a logical reason, it is likely not the best way to approach this issue. All legal procedures need to be transparent to ensure the defendant’s rights are not violated. 

If authorities fail to disclose the use of Cellebrite’s tech during a trial, the defendant’s legal team cannot investigate whether data was obtained in a legal manner and whether it is indeed correct or not.

TechCrunch was able to get a comment from Cellebrite spokesperson Victor Cooper who said that the company “is committed to supporting ethical law enforcement. Our tools are designed for lawful use, with the utmost respect for the chain of custody and judicial process.”

“We do not advise our customers to act in contravention with any law, legal requirements or other forensics standards,”he added. 

If Cellebrite’s tools and disclosure rules are indeed legal, we may be looking at a regulatory issue. The leak showcases a need for courts everywhere to review how data is obtained and what should be considered acceptable practice. Ultimately, no defendant should have to suffer to please a company’s self-interests.

Add Interesting Engineering to your Google News feed.
Add Interesting Engineering to your Google News feed.
message circleSHOW COMMENT (1)chevron
Job Board