A battle over the future of privacy is being waged between a tech giant and the government in California.
On Tuesday, a California judge ordered Apple to help break into an encrypted iPhone that was used by Syed Farook, one of the San Bernardino shooters, who was killed, along with his wife, after their attack. The highly technical order specified that Apple should create software that would turn off the phone’s auto-erase feature and make it easier for the FBI to brute-force the password, decrypting the data on the phone.
Apple responded quickly to the request that it undermine one of its security promises to customers: that only they, and not Apple, can unlock the encrypted data on their iPhones. Apple CEO Tim Cook said the company refuses to build a “backdoor” for the iPhone in a customer letter posted to Apple’s site late Tuesday evening. He says Apple will oppose the order and accused the government of overreach.
[T]he U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.
Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.
They have asked us to build a backdoor to the iPhone.
What the government is asking for isn’t exactly a backdoor. It’s more like giving the government the sledgehammer it needs to bust down the front door. The judge ordered Apple to provide a technological mechanism that would turn off the erasing of data after 10 incorrect iPhone passcode entries and override the feature that makes you wait longer and longer amounts of time between each attempt. It would make it possible for the government to brute-force its way into the iPhone.
Acts of terrorism come hand in hand with privacy invasions, as the government gets desperate for information to prevent further attacks. Cook says Apple has amply assisted law enforcement in its investigation of December’s mass shooting in San Bernardino, California, making “engineers available to advise the FBI” and offering “our best ideas on a number of investigative options at their disposal.” The government, for example, got data that Syed Farook had backed up from the phone into the iCloud, according to NBC News, where it is stored in a format that Apple can decrypt. But the government wants the newest data available on the phone.
In a letter that reads righteously, Cook says the request for special software to unlock the phone goes too far.
The government suggests this tool could only be used once, on one phone. But that’s simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.
The government is asking Apple to hack our own users and undermine decades of security advancements that protect our customers — including tens of millions of American citizens — from sophisticated hackers and cybercriminals.
Since changing its design in 2014 to encrypt the data on customers’ iPhones by default, Apple has been criticized by the government for making law enforcement investigations harder. FBI director James Comey said Apple, and Google, which announced similar plans for Android, were putting customers “beyond the law,” comparing them to a car dealer that sells “cars with trunks that couldn’t ever be opened by law enforcement.”
Cook calls the government’s use of the broad All Writs Act of 1789 to force the unlocking a “dangerous precedent” that could open the door to other troubling surveillance requests of Apple. (It’s not for the first time it’s been used.)
“The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge,” writes Cook, who would obviously like the public to support the company’s stance on privacy and security vs. the government’s investigatory priorities.
As the government wants to know whether the San Bernardino shooters were in contact with people who could still pose a terrorism risk, it has a strong incentive to keep pushing for Apple’s cooperation. But Cook has made clear the company will fight back. Expect to see this one escalated to higher courts. It will surely be a precedent-setting case.
“We are challenging the FBI’s demands with the deepest respect for American democracy and a love of our country,” writes Cook. “Ultimately, we fear that this demand would undermine the very freedoms and liberty our government is meant to protect.”