Balancing Security and Privacy in the Age of Encryption: Apple v. FBI
June 6, 2016
The San Bernardino attack that resulted in the deaths of 14 people last December continues to evolve into the polarizing yet familiar battle over the balance between . For those who have lost track of how it all started, the story began when the FBI was unable to unlock an iPhone belonging to one of the attackers, Syed Rizwan Farook, and approached Apple for assistance. Drama ensued as Apple refused to help the FBI break into the phone, believing that the methodology it was asked to utilize was unwarranted and threatening to public security. In what many have argued is an unethical, unprecedented request, the FBI ordered Apple to create software that would disable privacy settings used in select iPhones models. In addition to existing disputes over the acceptable extent of access to private information, the order gave rise to a new question: Does the FBI have the right to demand security backdoors that could compromise the safety of uninvolved civilians?
The trouble began soon after the FBI found that it could not unlock Syed鈥檚 phone, which was locked with a four-digit code set to erase the phone鈥檚 contents after ten incorrect password attempts. The task was further complicated by a setting that increased time increments between failed password trials, a particularly frustrating problem in crimes when time is of the essence. In fact, Apple鈥檚 iPhone encryption software was so advanced that the company itself claimed it did not possess the technology needed to unlock it. Frustrated with Apple鈥檚 refusal to comply with its requests, the FBI asked Magistrate Sheri Pym to issue a court order demanding that Apple create a new operating system to allow it to bypass security measures.
The order was unique both because it asked for nonexistent software and because it requested a security 鈥榖ackdoor鈥 that could be used to unlock myriad devices. So was it ethical, not to mention legal, for the FBI to ask for software that had the potential to override broadly-applicably security measures? According to Apple, the answer is a big, fat, thespian no. Apple not only refused to comply but also published an to the public, advising people of the 鈥榗hilling鈥 implications of a security backdoor, writing that, 鈥渢his demand would undermine the very freedoms and liberty our government is meant to protect.鈥 Apple warned that the technology could be detrimental if misused, stating: 鈥淚n the wrong hands, this software 鈥 which does not exist today 鈥 would have the potential to unlock any iPhone in someone鈥檚 physical possession ... while the government may argue that its use would be limited to this case, there is no way to guarantee such control.鈥 The letter went on to outline several alarming scenarios that could result from giving the government access to this technology. Among them were the right to ask for software that intercepts texts or photos, health records, financial data and locations.
Though the letter was a bit artful, it raised important questions that deserve careful consideration. For one, the request for nonexistent software could set a legal precedent for permitting additional nonstandard, privacy-compromising demands. Apple鈥檚 fear stemmed in part from the approach the FBI took to seeking out iPhone contents. Rather than issuing a standard subpoena for information found on one device, the government requested a court order under the , which allows federal courts to issue all necessary or appropriate legal writs (i.e., court orders) compelling citizens to undertake certain actions as long as it is necessary and appropriate. The Act is a component of the Judiciary Act of 1789, and its creators could not have possibly predicted cell phones, let alone the links between individual phone software and security of technologies belonging to the greater public. Because the Act is so broad, it could, in theory, be applied to more extensive requests for technology that would jeopardize our privacy.
Whether major fears about abuses of power are symptomatic of public paranoia or forward-thinking dedications to ensuring public security is debatable. The government鈥檚 stance on the issue is not. Soon after the open letter was published, the FBI filed a motion to compel Apple to comply with the court order and accused the company of misrepresenting facts for marketing purposes. Government : 鈥淩ather than assist the effort to fully investigate a deadly terrorist attack by obeying this Court鈥檚 Order of February 16, 2016, Apple has responded by publicly repudiating that order 鈥 The Order does not, as Apple鈥檚 public statement alleges, require Apple to create or provide a 鈥榖ack door鈥 to every iPhone; it does not provide 鈥榟ackers and criminals鈥 access to iPhones 鈥 It does not give the government 鈥榯he power to reach into anyone鈥檚 device without a warrant or court authorization 鈥︹ The motion also goes on to imply that Apple misled the public about the dangers of the All Writs Act, claiming that Apple previously complied with the Act, and use of the law for such purposes was not unprecedented.
While Apple and the FBI clearly stand on opposite sides of the argument, the public鈥檚 opinions on whether the government is dangerously overstepping boundaries are mixed. Based on a March of over 1,000 individuals, CBS revealed that 50 percent of those polled thought that Apple should unlock the iPhone, and 45 percent thought it should refute the order. Despite the varied results, eight in 10 respondents still believed that it was at least somewhat likely a decision to unlock the phone could set a legal precedent for mandates to unlock additional devices in the future. In other words, a belief that the government will continue to push privacy boundaries are widespread
Luckily for the FBI, it is unlikely that the bureau will be forced to defend itself on a public stage. Nor will Apple be lucky enough to testify in court, acting as a stalwart battling the government to protect collective security. What could have set the stage for a Hollywood movie has begun to devolve into a background narrative. After asking for a delay on its court date with Apple, the FBI fully retracted its demands. Instead of fighting the tech giant, it secured the services of professional hackers who were able to find and expose flaws in the iPhone鈥檚 security system, allowing the government to unlock the phone without clearing its contents.
Not only has the dramatic storyline come to an abrupt halt, the ball is back in the FBI鈥檚 court. Now that it possesses information about Apple鈥檚 security flaws, it has the opportunity to minimize accusations about unethical intentions to infiltrate additional devices. If the FBI chooses to provide Apple with details about its operating system failings, the bureau may qualm some public suspicions, but it will also risk losing valuable information that could be utilized for future searches. The path it chooses to take will likely be determined by the in the coming weeks, but inevitably, uncertainties over its intentions will remain intact.
Paulina Haselhorst was a writer and editor for and the director of content for . She received her MA in history from 黑料门University Chicago and a BA from the University of Illinois at Urbana-Champaign. You can contact Paulina at PaulinaHaselhorst@gmail.com.
June 6, 2016
The San Bernardino attack that resulted in the deaths of 14 people last December continues to evolve into the polarizing yet familiar battle over the balance between . For those who have lost track of how it all started, the story began when the FBI was unable to unlock an iPhone belonging to one of the attackers, Syed Rizwan Farook, and approached Apple for assistance. Drama ensued as Apple refused to help the FBI break into the phone, believing that the methodology it was asked to utilize was unwarranted and threatening to public security. In what many have argued is an unethical, unprecedented request, the FBI ordered Apple to create software that would disable privacy settings used in select iPhones models. In addition to existing disputes over the acceptable extent of access to private information, the order gave rise to a new question: Does the FBI have the right to demand security backdoors that could compromise the safety of uninvolved civilians?
The trouble began soon after the FBI found that it could not unlock Syed鈥檚 phone, which was locked with a four-digit code set to erase the phone鈥檚 contents after ten incorrect password attempts. The task was further complicated by a setting that increased time increments between failed password trials, a particularly frustrating problem in crimes when time is of the essence. In fact, Apple鈥檚 iPhone encryption software was so advanced that the company itself claimed it did not possess the technology needed to unlock it. Frustrated with Apple鈥檚 refusal to comply with its requests, the FBI asked Magistrate Sheri Pym to issue a court order demanding that Apple create a new operating system to allow it to bypass security measures.
The order was unique both because it asked for nonexistent software and because it requested a security 鈥榖ackdoor鈥 that could be used to unlock myriad devices. So was it ethical, not to mention legal, for the FBI to ask for software that had the potential to override broadly-applicably security measures? According to Apple, the answer is a big, fat, thespian no. Apple not only refused to comply but also published an to the public, advising people of the 鈥榗hilling鈥 implications of a security backdoor, writing that, 鈥渢his demand would undermine the very freedoms and liberty our government is meant to protect.鈥 Apple warned that the technology could be detrimental if misused, stating: 鈥淚n the wrong hands, this software 鈥 which does not exist today 鈥 would have the potential to unlock any iPhone in someone鈥檚 physical possession ... while the government may argue that its use would be limited to this case, there is no way to guarantee such control.鈥 The letter went on to outline several alarming scenarios that could result from giving the government access to this technology. Among them were the right to ask for software that intercepts texts or photos, health records, financial data and locations.
Though the letter was a bit artful, it raised important questions that deserve careful consideration. For one, the request for nonexistent software could set a legal precedent for permitting additional nonstandard, privacy-compromising demands. Apple鈥檚 fear stemmed in part from the approach the FBI took to seeking out iPhone contents. Rather than issuing a standard subpoena for information found on one device, the government requested a court order under the , which allows federal courts to issue all necessary or appropriate legal writs (i.e., court orders) compelling citizens to undertake certain actions as long as it is necessary and appropriate. The Act is a component of the Judiciary Act of 1789, and its creators could not have possibly predicted cell phones, let alone the links between individual phone software and security of technologies belonging to the greater public. Because the Act is so broad, it could, in theory, be applied to more extensive requests for technology that would jeopardize our privacy.
Whether major fears about abuses of power are symptomatic of public paranoia or forward-thinking dedications to ensuring public security is debatable. The government鈥檚 stance on the issue is not. Soon after the open letter was published, the FBI filed a motion to compel Apple to comply with the court order and accused the company of misrepresenting facts for marketing purposes. Government : 鈥淩ather than assist the effort to fully investigate a deadly terrorist attack by obeying this Court鈥檚 Order of February 16, 2016, Apple has responded by publicly repudiating that order 鈥 The Order does not, as Apple鈥檚 public statement alleges, require Apple to create or provide a 鈥榖ack door鈥 to every iPhone; it does not provide 鈥榟ackers and criminals鈥 access to iPhones 鈥 It does not give the government 鈥榯he power to reach into anyone鈥檚 device without a warrant or court authorization 鈥︹ The motion also goes on to imply that Apple misled the public about the dangers of the All Writs Act, claiming that Apple previously complied with the Act, and use of the law for such purposes was not unprecedented.
While Apple and the FBI clearly stand on opposite sides of the argument, the public鈥檚 opinions on whether the government is dangerously overstepping boundaries are mixed. Based on a March of over 1,000 individuals, CBS revealed that 50 percent of those polled thought that Apple should unlock the iPhone, and 45 percent thought it should refute the order. Despite the varied results, eight in 10 respondents still believed that it was at least somewhat likely a decision to unlock the phone could set a legal precedent for mandates to unlock additional devices in the future. In other words, a belief that the government will continue to push privacy boundaries are widespread
Luckily for the FBI, it is unlikely that the bureau will be forced to defend itself on a public stage. Nor will Apple be lucky enough to testify in court, acting as a stalwart battling the government to protect collective security. What could have set the stage for a Hollywood movie has begun to devolve into a background narrative. After asking for a delay on its court date with Apple, the FBI fully retracted its demands. Instead of fighting the tech giant, it secured the services of professional hackers who were able to find and expose flaws in the iPhone鈥檚 security system, allowing the government to unlock the phone without clearing its contents.
Not only has the dramatic storyline come to an abrupt halt, the ball is back in the FBI鈥檚 court. Now that it possesses information about Apple鈥檚 security flaws, it has the opportunity to minimize accusations about unethical intentions to infiltrate additional devices. If the FBI chooses to provide Apple with details about its operating system failings, the bureau may qualm some public suspicions, but it will also risk losing valuable information that could be utilized for future searches. The path it chooses to take will likely be determined by the in the coming weeks, but inevitably, uncertainties over its intentions will remain intact.
Paulina Haselhorst was a writer and editor for and the director of content for . She received her MA in history from 黑料门University Chicago and a BA from the University of Illinois at Urbana-Champaign. You can contact Paulina at PaulinaHaselhorst@gmail.com.