fbpx

The FBI and Apple: It’s not just about one phone

The tragedy in San Bernardino has launched an increasingly intense public debate about where the line should be drawn to protect citizens’ digital data from government intrusion.
[additional-authors]
February 22, 2016

The tragedy in San Bernardino has launched an increasingly intense public debate about where the line should be drawn to protect citizens’ digital data from government intrusion. Those horrific shootings left the nation stunned, and the U.S. government should thoroughly investigate this terrorist attack.

But in its search for more information, how far should the government be allowed to go in compelling a company to create something it does not possess?

At issue is an iPhone used by one of the shooters and the encrypted data it contains. The FBI has obtained a court order directing Apple to hack into its iPhones by designing and writing custom software to defeat the phone’s security features.

[The FBI versus Apple: analyzing the claims]

Apple has cooperated with the investigation for the most part, but it has refused the FBI’s demand that it design and write what amounts to malware designed to defeat the security systems it has spent years building. The company has decided to fight the court order, and it should be applauded for standing up for its right to offer secure devices to all of its customers.

So this debate then is not simply about one phone. It is about every phone. And it’s about every device manufactured by a U.S. company in the ever-growing “Internet of Things.”

If the government gets its way, then every device — your mobile phone, tablet or laptop — will carry with it an implicit warning from its manufacturer: “Sorry, but we might be forced to hack you.”

As Sen. Ron Wyden (D-Ore.), a congressional leader on privacy and technology, has stated, “If upheld, this decision could force U.S. technology companies to actually build hacking tools for government against their will, while weakening cybersecurity for millions of Americans in the process.”

One concern is government overreach. The government isn’t just asking Apple to give them access to documents or programs that already exist. Instead, the government is using a 227-year-old law, the All Writs Act, to order Apple to spend time and resources coming up with a new technology that Apple doesn’t want to work on — code to hack its own phones.

However, the All Writs Act does not permit the government to obtain an order compelling assistance by a party that does not have possession or control of the information the government seeks.

The court order risks setting a dangerous precedent. If the FBI can force Apple to hack into its customers’ devices, then so too can every repressive regime in the rest of the world. If the government demonstrates that it can compel Apple to break its own security in this way, the next demands may well come from China, and the next targets will be dissidents, not criminal suspects.

Of course, historically, the government has sought and obtained assistance from tech companies and others in criminal investigations — but only in obtaining information or evidence the companies already have access to.

So much is at stake. And so much surrounding this case is misunderstood.

One argument is that Apple has unlocked 70 phones in investigations of other crimes. That is simply not true. Apple has extracted data from phones using earlier software without unlocking them. It has helped the government recover data in criminal investigations, but it has not created new code to defeat the security systems — code that would make all Apple customers less secure.

The company has not been able to extract data tied to a passcode since September, 2014, when its iOS 8 operating system was introduced. Apple no longer has a way of breaking into its customers’ mobile devices.

As Apple CEO Tim Cook has said, “We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.”

Another misconception is that Apple could develop a dedicated program that would work only on the phone the FBI has seized. That risk might appear acceptable to some if it were possible to limit access to legitimate governmental purposes overseen by a judge.

But Apple’s Cook notes that so-called backdoors are inherently dangerous. “Once the information is known,” he says, “or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.”

Once the code is bypassed, that knowledge becomes a genie that cannot be put back in the bottle.

For the government, every “Internet of Things” device will be more than just a novel convenience — it will be a new window into your home. The fridge that responds to your verbal commands might have a backdoor to allow for remote listening. The TV that enables you to video chat with your family might be commandeered into a ready-made spy camera.

The security of data and safety of users everywhere isn’t worth sacrificing to a possible lead in any one case, no matter how important.


Hector Villagra is executive director of the ACLU of Southern California.

Did you enjoy this article?
You'll love our roundtable.

Editor's Picks

Latest Articles

More news and opinions than at a
Shabbat dinner, right in your inbox.

More news and opinions than at a Shabbat dinner, right in your inbox.

More news and opinions than at a Shabbat dinner, right in your inbox.