CBP signs contract with Amazon-owned Wickr encrypted chat app


U.S. Border Patrol officers, part of Customs and Border Protection, as they detain Central American asylum seekers near McAllen, Texas, in June 2018.

U.S. Border Patrol officers, part of Customs and Border Protection, as they detain Central American asylum seekers near McAllen, Texas, in June 2018.
Photo: John moore (Getty Images)

US Customs and Border Protection (CBP) deploys the encrypted chat application owned by Amazon Wickr in “all components” of its operations, Motherboard reported on Tuesday, citing agency procurement documents.

Whereas previously CBP had signed a contract worth $ 700,000 with Wickr, the new agreement is valued at around $ 900,000. According to Motherboard, the contract documents are dated Sept. 18 and state that its goal is to “renew and purchase additional Wickr software licenses and professional support to deploy a secure instant messaging platform for versatile applications across all components. of CBP ”. While Wickr offers a free version of its app, it also offers various paid services to the private sector and government, including Wickr Pro, Wickr Enterprise, and Wickr RAM, the latter of which is designed for use by the military.

Wickr uses end-to-end encryption, which means messages and calls sent through the app are fully encrypted in transit and can only be decoded by the devices involved in a conversation. Unless you discover a flaw in the encryption protocol, it effectively makes them impossible for someone else to intercept and view. The motherboard noted that the Wickr RAM, which the company advertises as providing “comprehensive security against foreign and domestic cyber threats,” claims to be accredited by the Ministry of Defense. Wickr also said that RAM is “the only collaboration service with full functionality to meet all defined security criteria” by the National Security Agency. Wickr also touts a feature that allows all messages sent through the app to be automatically destroyed after a set period of time, after which they can apparently never be retrieved by any method.

CBP previously refused to identify to Motherboard which product was involved in the $ 700,000 contract.

Amazon Web Services (AWS) announced the acquisition of Wickr in June. Previously, its only real entry into the messaging space was Chime, a video conferencing software that doesn’t have end-to-end. encryption.

However, AWS has aggressively moved to contracting for federal police and intelligence agencies, as well as the military. It is no stranger to doing business with CBP or its sister agency Immigration and Customs Enforcement despite the protests of immigration rights activists, as well as its own employees, many of whom demanded AWS stops doing business with entrepreneur ICE Palantir owned by Peter Thiel in 2019. Many Amazon workers and some shareholders also protested against the sale by the company of its facial recognition software, Recognition, to the police.

Running facial recognition technology is inherently riddled with racial and other prejudices. In response to widespread nationwide protests against police brutality and racism in 2020, Amazon conceded and imposed a moratorium on police sales of facial recognition technology to cops, that he recently extended “until further notice.”

Amazon also operates what has been described as the largest civilian surveillance network via its smart Ring doorbell cameras, which police and firefighters in at at least 48 states took advantage by joining an Amazon program to share recordings with government officials. AWS tried to win a huge cloud computing contract for the military named JEDI, but the program was scuttled in July 2021, in the midst of a long-standing fight with another Microsoft bidder that had dragged on for so long that the Defense Department declared the plan obsolete. Instead, the military is soliciting bids from both companies for another cloud computing initiative, the Joint fighter cloud capability.

While CBP sees the need for technology like Wickr, federal agencies like the FBI have been tackling end-to-end encryption for years, claiming it allows criminals to hide their activity from cops. At many occasions, authorities tried to force companies to incorporate surveillance backdoors into their products to allow wiretapping, a practice security experts are almost unanimous in creating major security flaws.

More recently, federal authorities have simply sought to undermine trust in encrypted communications with operations designed to send the message that no platform is trustworthy. In June, the Justice Department announced a massive raid on drug traffickers and money launderers that it had duped as part of a program called “Shield of Troy” in which he used an informant to create a honeypot app (ANOM) masquerading as an encrypted messaging platform. Acting U.S. Attorney Randy Grossman told a press conference that authorities aim to “shatter all confidence in the hardened crypto device industry with our indictment and our announcement that this platform is run by the FBI, “adding to anyone who thinks they” operate under a cloak of encrypted secrecy, your communications are not secure.

“Today’s public sector clients use Wickr for a wide range of missions, from secure communication with office workers to providing encrypted communications to tactically-advanced service members,” Stephen Schmidt, vice -President of AWS and responsible for information security, written in a press release after Amazon’s acquisition of Wickr. “Corporate customers use Wickr to maintain the confidentiality of communications between employees and business partners, while remaining compliant with regulatory requirements. “


Comments are closed.