Sept. 15, 2016
Hacking by law enforcement has been front-page news since the FBI purchased a tool to bypass the security of an encrypted iPhone while investigating the San Bernardino shooting. However, this type of hacking is nothing new: it has been over fifteen years since the first known case of police intrusion into a computer as part of an investigation. While it is uncertain when this behavior began, we are sure that, as of 1999, the government had begun to use technological skills to access private digital networks and material in the process of investigating crimes. Hacking methods can be as simple as using a USB drive to install a malicious program, or tricking users into opening a phishing email, and as complex as tools that rely on previously unknown or “zero-day” vulnerabilities to allow a hacker to bypass the sophisticated security functions of a mobile phone’s operating system.
Despite being a key tactic for law enforcement since the turn of the century, hacking didn’t become a major topic of public discussion until the San Bernardino iPhone hack. That case received such widespread media coverage that even the general public was talking about the ways that law enforcement could, or could not, access the devices that we all carry in our pockets. But the repercussions of investigative hacking are unclear, and important questions must be asked when evaluating policy options to address the issue: What procedural and substantive standards must be met when the government seeks authorization to hack? Under what legal authority can this type of hacking be authorized? Could the hack damage the targeted device or infect untargeted devices? How can the privacy of third parties be protected when investigating a single individual? Should law enforcement be able to target only specific individuals, or everyone who visits a particular website or uses a particular service? How should law enforcement minimize the collection of data that isn’t relevant to their investigation? These are all critical questions, yet law enforcement has taken very few steps to provide clear information about their procedures, tools, or tactics when it comes to their hacking activities.
Understanding the history of government hacking is important in order to engage more people in the ongoing policy discussion. This paper focuses on a selection of illustrative historical cases, with the understanding that due to the secret nature of government investigations, we can only know a fraction of the hacking that has taken place. This overview highlights major trends in investigative hacking and will hopefully foster more inquiries into these practices by policymakers and the public.