The Real Stakes of Apple’s Fight With the FBI

On Tuesday, the government obtained a court order compelling Apple to hack into an iPhone as part of the FBI’s investigation into the San Bernardino shooters. While the government’s investigation is an important one, the legal order it has obtained crosses a dangerous line: It conscripts Apple into government service and forces it to design and build what is, in effect, a master key that could be used as a mold to weaken the security of an untold number of iPhones.

The resulting order is not only unconstitutional, but risks setting a precedent that would fundamentally undermine the security of all devices, not just the one iPhone being debated in the news.

A bit of background is necessary to understand this debate.

As part of its investigation, the FBI has apparently obtained an iPhone 5C used by one of the shooters. The bureau has said that the phone is encrypted and protected by a passcode, and that it needs Apple’s assistance to unlock the phone. Specifically, it has asked Apple to design and write custom software that would disable several security features on the phone.

While Apple has generally cooperated in the investigation, it has refused the FBI’s latest demand to write malware that would help the FBI hack the device. To its credit, Apple has poured incredible resources into securing its mobile devices. One consequence of that effort is that Apple does not have a ready way of breaking into its customers’ devices. In the words of Apple’s CEO, Tim Cook: “We have even put that data out of our own reach, because we believe the contents of your iPhone are none of our business.”

But the FBI is dismissive of that effort. According to its legal filing, the FBI believes that Apple could, if compelled, build a master key that would allow the FBI to try to break into iPhones like the one involved in the San Bernardino investigation. The FBI acknowledges that this would require Apple to write new software and then cryptographically “sign” that software (as the iPhone will accept only software updates signed by Apple).

A federal magistrate judge granted the FBI’s request the same day, but it gave Apple five days to object. Again to its credit, Apple has vowed to fight.

It is critically important that Apple win—for cybersecurity and for the fate of privacy in the digital age—for several reasons.

First, the government’s legal theory is unbounded and dangerous. The government believes it has the legal authority to force Apple into government service, even though the company does not actually possess the information the government is after. Of course, historically, the government has sought and obtained assistance from tech companies and others in criminal investigations—but only in obtaining information or evidence the companies already have access to.

The difference between those cases and Apple’s is a radical one. If Apple and other tech companies—whose devices we all rely upon to store incredibly private information—can be forced to hack into their customers’ devices, then it’s hard to imagine how any company could actually offer its consumers a secure product. And once a company has been forced to build a backdoor into its products, there’s no way to ensure that it’s only used by our government, as opposed to repressive regimes, cybercriminals or industrial spies.

Second, this debate is not about one phone—it’s about every phone. And it’s about every device manufactured by a U.S. company. If the government gets its way, then every device—your mobile phone, tablet or laptop—will carry with it an implicit warning from its manufacturer: “Sorry, but we might be forced to hack you.”

Some might accept that risk if it were possible to limit access to legitimate governmental purposes, overseen by a judge. But as Apple’s Cook points out, backdoors are uniquely dangerous: “Once the information is known, or a way to bypass the code is revealed, the encryption can be defeated by anyone with that knowledge.”

That risk is only growing every day as the “Internet of Things” expands. For the government, every device connected to the Internet will be more than just a novel convenience—it will be a new window into your home. The fridge that responds to your verbal commands might have a backdoor to allow for remote listening. The TV that allows you to video chat with your family might be commandeered into a ready-made spy camera.

These are the real stakes of the debate: Either American companies are allowed to offer secure products to their consumers, or the U.S. government is allowed to force those companies to break the security of their products, opening the door for malicious hackers and foreign intelligence agencies alike. For the sake of both our privacy and our security, the choice is clear.

This post was originally published by Time.

View comments (73)
Read the Terms of Use

Norman Ball

I'm a donating member of the AClU. I do not agree with this position putting device privacy above national security and law enforcement legitimate needs. Look at the times in history that if this technology was there and we did not get the intelligence the outcome would have been very bad for us. Wake up. Probably not a contributor any more.

Anonymous

Thanks to the ACLU for its excellent work in this case! There is free, open source, super-strong encryption software available at veracrypt.codeplex.com which is far more powerful than the Apple software at issue here and which provides a superb defense against any violations of privacy. Highly recommended!

IRV FRANKEL

The answer is simple...Have Apple get into the phone and give the information, not the method, to the government and then destroy the method.

Kashi5202W

Any attempt to get phone records without a warrant is ILLEGAL. Why do people put up with this unconstitutional attempt by the FBI to get around our rights? Because they are scared by the propaganda that started after 09/11. Guess what pussy cats. Nobody is ever 100% safe. Remember what happened in France? So show some guts, accept the risks inherent in life, and do not give away your rights to privacy!!

Aspen Winters

When the government response to an act of terrorism* is to demand incursions into ALL civilians privacy without probably cause, it is time to stand up and fight back. We let the Patriot Act roll over us in 2001 — it's long past time to push back the tide of government overreach.

*The official and media narrative of San Bernardino is strikingly contradicted by not one but two eyewitnesses (Juan Hernandez and Sally Abdelmageed) who both describe "three tall white men in military fatigues". If Tashfeen Malik was only 90 lbs, even if mistaken for a male, she couldn't possibly have been mistaken as being "tall" by both witnesses.

http://memoryholeblog.com/2015/12/08/san-bernardino-shooters-were-white-eyewitnesses/

Robert S.

Under legitimate circumstances, a magistrate can unquestionably issue a warrant to search a safe deposit box. If a bank created a safe deposit box that destroyed its contents if someone other than its owner attempted to access it, surely, it would not be unreasonable for a court to ask the bank to assist law enforcement in accessing and preserving the potential evidence.

Furthermore, suggesting that a court order requiring a bank to assist law enforcement under these circumstances would create a slippery slope would be absurd. Just because the bank assisted law enforcement one time would not mean that the government would then have access to all of the banks self-destructing safe deposit boxes. Likewise, if Apple assists the government in cracking the iPhone, how will that in turn allow the government to manipulate future software updates? Particularly since the government is only asking Apple to shut off the phone's self-destruct feature, and not the code itself.

Anonymous

The government would then pass laws prohibiting citizens to buy phones made by foreign manufacturers which don't have such "keys".

Michael Byrnes

I don't understand why this has to be viewed as "granting the government a back door into all of our lives". It is clearly in the best interest of all of us if the Feds can get hold of information that may be on that phone to help find and stop other terrorists. Apple could clearly unlock this ONE phone and help all of us. Blowing this out of proportion is helping NO ONE. Apple should use some common sense and unlock the one phone and give the info on it to the Feds. That clearly does NOT put anyone of us at risk - quite the contrary.

William W

Will these cell phone/technology corporations protect their bottom line? You betcha! But where does all of that wealth they have accumulated come from anyway? From the government? Ah, from those of us who buy their products and use them. And how can they profit from being a slave to their criminal government and stabbing me, and you, in the back? And the ACLU is in no way over reacting, although some of the commenters have completely gone off of the right side of the debate. This is the final move before Big Brother knows all about you, all of the time, and where ever you are. This will give them the ability to SPY on you 24/7! Why? Because they must to protect themselves from us if we ever found out.

Anonymous

Government using its monopoly on the legal use of force against its own law abiding citizens, be they individuals or companies, is a greater threat to our security than the actions of proven or suspected terrorists. The terrorists' actions harm 'some' individuals but this kind of government intrusion would affect potentially all users of information and communication products.
Once we surrender to this type of surveillance this will become the new norm and our freedoms will have become not 'rights' but revokable hindrances to anti-terrorist efforts,all in the name of keeping us free and safe. Freedom, including our privacy, cannot be secured

Pages

Stay Informed