Apple takes on the FBI: What’s really at stake

Apple takes on the FBI: What’s really at stake

Apple's fight with the FBI is about more than encryption alone, and a loss could set bad legal precedent for tech companies

Apple's confrontation with the FBI is about much more than encryption.

In his open letter response on Wednesday to the FBI's demand that the company assist in obtaining data from a terrorist's iPhone, Apple CEO Tim Cook opened up a far-reaching debate about privacy, as well as the limits of government reach and law enforcement in a digital age.

Other tech luminaries have been noticeably slow to weigh in, however. TidBits makes the argument that ad-driven companies like Facebook and Twitter, whose businesses are based on having access to users' data, are loath to jump in for fear of calling greater attention to this fact. Both companies did ultimately voice support for Apple's stand late Thursday.

But no company is as data-driven as Google, and its CEO, Sundar Pichai, has voiced support of Cook on Twitter, calling the judge's order "a troubling precedent." Microsoft, too, is backing Apple, albeit indirectly. Google's Pichai supported Apple late Wednesday, while Microsoft executives indicated support via tweets on Thursday.

What are the CEOs of Internet giants like AOL, Yahoo, and Amazon.com waiting for? Or CEOs from tech giants like Cisco, Dell, Hewlett-Packard, IBM, and EMC VMware?

In one corner, Tim Cook

In his letter, Cook explained why Apple could not comply with the FBI's request that it build a new version of iOS, circumventing several security features, and install it on an iPhone recovered from the San Bernardino terrorists:

In the wrong hands, this software -- which does not exist today -- would have the potential to unlock any iPhone in someone's physical possession. The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor.

When it comes to the importance of encryption, Cook has the security community on his side. Backdoors, the experts say, are nothing more than security vulnerabilities waiting to be exploited by cyber criminals or foreign governments. "This is the technology equivalent to a law of physics, not some technical problem we haven't solved yet," says TidBits.

Ted Lieu, one of only four U.S. congressmen with a degree in computer science, agrees. "You cannot design a technological backdoor only for the good guys, because hackers will eventually find that backdoor -- or what's more likely is the federal government will get hacked through that backdoor," Lieu told Wired, pointing to the recent hack of the FBI itself.

And Cook warns:

The government suggests this tool could only be used once, on one phone. But that's simply not true. Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks -- from restaurants and banks to stores and homes. No reasonable person would find that acceptable.

In a sign of Apple's commitment to the fight, the company has signed on attorney Ted Olson, who is perhaps best known for successfully arguing two landmark cases in front of the Supreme Court: Bush v. Gore, which decided the 2000 presidential election, and Obergefell v. Hodges, which legalized same-sex marriage in the United States.

In the other corner, the FBI

The FBI's long game is about more than any potential evidence on this one iPhone. While the White House insists the FBI is not asking for a backdoor to the iPhone, the fact is that, for more than a year, the government has been trying to use the All Writs Act of 1789 to force Apple to unlock encrypted phones in multiple cases.

Macworld makes the argument that the FBI needs this legal win. "Legal precedent is like a glacier, slowly building over time until it becomes nigh unstoppable.... It's the reason the NRA fights any attempts at gun control, since they fear a slow build, not a single small law."

Perhaps even more disturbing is the precedent that a court could compel a software company to "custom-build malware to undermine its own product's security features," Kevin Bankston, director of New America's Open Technology Institute, told the Washington Post.

If a court can compel Apple to do it, then it can compel other software providers as well. "Where does it end?" asked Ahmed Ghappour, a professor at the University of California's Hastings College of the Law. "Can the government use it to compel Facebook to customize an algorithm that predicts crime? It's not clear where the line will be drawn, if at all."

Should Apple lose its fight with the FBI, authoritarian governments like Russia and China could also demand greater access to users' data. "Why in the world would our government want to give repressive regimes in Russia and China a blueprint for forcing American companies to create a backdoor?" said Senator Ron Wyden, who serves on the Senate Intelligence Committee. "If upheld, this decision could force U.S. technology companies to actually build hacking tools for government against their will, while weakening cyber security for millions of Americans in the process."

Last year, President Barack Obama criticized a Chinese law that would force U.S. firms to provide technical assistance -- including decryption -- to Chinese authorities to help prevent and investigate terrorists. "Imagine how hollow these objections will ring if a U.S. court can order what China was trying to compel by statute," said Greg Nojeim of the Center for Democracy and Technology.

The FBI has seized upon an emotionally charged instance of terrorism to push its case for access to previously secure data. The Verge points out a number of faulty premises that are making it impossible to rationally discuss the issues of privacy and encryption. Perhaps chief among them is the incessant talk by FBI Director James Comey about terrorists "going dark" -- which suggests they weren't in the dark before. Says the Verge:

There's just no reason to think that the FBI is having a harder time tracking criminal activity than it did 15 years ago.... Fifteen years ago, it would have been unthinkable to order Microsoft to turn over a private file from a personal computer, or ask Verizon for a transcript of an unflagged phone call from three months earlier. But the shift to mobile has made those records seem much more accessible. ... [and] the bureau feels entitled to all that data and gets angry when companies refuse. But without the technological shifts made possible by encryption -- email, SMS, cloud storage, and so on -- most of these warrants would never be written up in the first place.

The move to the cloud has made data more accessible -- and for the most part the FBI has no trouble getting access. Its hand-wringing about "going dark" glosses over the fact that law enforcement already has a ton of information at its disposal through legal means: texts, phone records, phone location histories, and the raft of social media data stored in the cloud. Apple and other tech giants have a long history of complying with court orders -- in the current San Bernardino terrorist case, it has supplied to the FBI as ordered the iCloud backups from the shooter's Apple devices, for example -- and the vast majority of government requests to tech companies are fulfilled.

Still, there are those who believe the FBI should have access to all data -- in which case what they are really asking for is an expansion of surveillance power, even though there is no evidence that banning encryption or expanding government surveillance will help stop terrorist plots. "Hindsight investigations have found lots of tragically dropped leads in the run-up to recent attacks, but they've mostly been either available information that was ignored or pre-existing flags within the intelligence system," says the Verge.

In every sense, this case stands to set a dangerous precedent. "The implications of the government's demands are chilling," Cook's letter concludes. "The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone's microphone or camera without your knowledge."

John Ashcroft, a former U.S. attorney general whose conservative social views made him a controversial figure in the George W. Bush administration, is a surprising source to find warning about government overreach when it comes to encryption and encroaching on privacy. Ashcroft wrote:

The Founding Fathers recognized the importance of this balance. In no way did they favor the notion that a key to every home, diary, bank account, medical record, business plan, or investment should be provided to the Federal Government for use without the individual's knowledge.

Some might suggest that the views of the Founding Fathers are irrelevant to the debate on encryption because they could not envision this type of technology. But it is dangerous to underestimate the Founding Fathers. Thomas Jefferson invented the wheel cypher in the 1790s. This invention consisted of a spindle of 36 wooden disks with letters carved on the outside. This simple device would provide robust encryption similar to that provided by the high-tech software that the FBI is so concerned about. Nonetheless, neither Thomas Jefferson nor any of the other Framers suggested that encryption should be banned or that the Fourth Amendment should be repealed. Instead, they opted for the balanced approach reflected in the Constitution.

Fight for the Future, a digital rights group that last year organized widespread rapid response protests in support of Net neutrality, has been calling for protests outside Apple stores to demand that the U.S. government drop its request. Now's the time to speak out on privacy and the limits of government for the digital age.

From CIO: 8 Free Online Courses to Grow Your Tech Skills
View Comments
Join the discussion
Be the first to comment on this article. Our Commenting Policies