Last Thursday Apple filed a motion to dismiss a court order requiring the company to comply with FBI demands to unlock an iPhone. This argument between federal agents and a global tech giant (only recently surpassed by Google as the most valuable company in the world) has played out publicly, as well as in court.
On 2 December 2015, Syed Rizwan Farook and Tashfeen Malik killed 14 people and injured 22 others at an office holiday party in what President Obama branded an “act of terrorism”. A week after the shooting, the FBI announced that it was unable to unlock Farook’s mobile phone, an iPhone 5C.
The FBI, in order to access encrypted information stored on Farook’s phone, is pushing Apple to create software that would weaken the device’s security features by allowing an infinite number of guesses at the passcode without erasing the device’s data. Apple contends that this software does not exist, and that in effect what the FBI has requested is an after-market backdoor. On 16 February, a magistrate in the US District Court in Central California sided with the FBI and ordered Apple to help unlock the phone.
In the motion filed by Apple in response to this ruling, their lawyers contend that doing so would impinge upon the First Amendment rights of the organisation, as creating the new software would run contra to Apple’s “strong view about consumer security and privacy”. In addition to this, the motion claims that carrying out this order would place an undue burden on Apple, and furthermore that it would be impossible to destroy the code after it had been used, as multiple individuals would be involved in creating it and it would be replicable. In all, Apple argues, taking this action would “undermine the basic security and privacy interests of hundreds of millions of individuals around the globe.”
From a PR perspective, it’s clear what is at stake here for Apple: compromising on customer privacy would damage the brand loyalty and reputation for strong security that the company enjoys. But cynicism aside, everybody should be concerned about the precedent that fulfilling the court order would set.
Tim Cook claims that this order constitutes an “overreach by the US government”, and analysts agree. There are a number of court cases similar to this one currently in progress. If Apple develops a backdoor in this one instance, it – along with other tech companies – could reasonably expect to fulfil comparable requests to breach security on countless other devices.
This legal battle forms part of the larger debate about encryption, a technology that has frustrated governments since it became a civilian privilege. With the present proliferation of encryption, it is an impossible challenge to eliminate it entirely or to create backdoors that cannot be exploited by bad actors. Weakening encryption can undermine cybersecurity generally with negligible benefits for national security. Criminals are unlikely to stick to communications methods vulnerable to decryption, so weakening encryption will mainly impact law-abiding citizens, who rightly may be concerned about the federal government’s ability to securely access these encrypted communications. On top of this, lone wolf attacks are notoriously difficult to predict and police forces are already adept at using metadata to determine communication patterns. In summary, it is nearly impossible to ensure that decryption technology is used against and by the right people. To knowingly create holes comprises a lot of privacy for a little security.
Strong encryption is incredibly important for preserving privacy and freedom of speech, at home and abroad. In China, for instance, where tech companies are already under pressure to make sure that their products are “secure and controllable”, Apple’s negotiating position will be weakened if it has already shown a willingness to dilute encryption standards at home. A recent UN report stressed the value of encryption in enabling freedom of expression and speech, and recommended that “states should avoid all measures that weaken the security that individuals may enjoy online, such as backdoors, weak encryption standards and key escrows”.
Bill Comey, Director of the FBI, said early last week that this impasse between Apple and the security agency needs to be solved by public debate. He stated that encryption “creates a serious tension between two values we all treasure – privacy and safety. That tension should not be resolved by corporations that sell stuff for a living. It should also not be resolved by the FBI, which investigates for a living. It should be resolved by the American people deciding how we want to govern ourselves in a world we have never seen before”.
Indeed, this is an important debate that the American public needs to engage with – but it is crucial they realise that they are deciding not just for America, but for the world.
Harriet Ellis is a Research Assistant in Future Conflict and Cybersecurity at the International Institute for Strategic Studies (IISS) and was the June - December 2016 International Security Fellow for Young Australians in International Affairs.
This article can be republished with attribution under a Creative Commons Licence. Please email publications@youngausint.org.au with any questions or for more information.
Image credit: iphonedigital (Flickr: Creative Commons)