The U.S. Federal Bureau of Investigation has asked Apple to crack an encrypted iPhone to see if it contains evidence pertinent to a terrorism investigation. Apple is resisting the request and the two sides are now battling in court. While the battle is being fought in the United States, the case’s resolution will have global implications, and not just because Apple has sold more than 700 million iPhones worldwide and has the second-largest market share.
The iPhone 5C in question was used by Syed Rizwan Farook, one of the two San Bernardino shooters who killed 14 people in early December before being killed in a shootout with police. Farook had been backing up the phone to the cloud — which the FBI can access — but he stopped several weeks before the attack. The FBI thinks there may be information on the phone that can help them find accomplices or connections but it has been unable to crack the security system on the phone; the software only allows 10 attempts to try a password before the data is deleted. The FBI has obtained a court order to force Apple to help them beat that security system. In its appeal against the order, Apple counters that it has cooperated with the FBI as much as it can and compelling it to do more would be unconstitutional.
The case raises two vital issues. The first concerns the government’s ability to compel Apple to work on its behalf. The FBI is not asking that Apple hand over a key to the phone; there is little doubt that the government could force it to do so. But no such key exists. Instead, the FBI is demanding that Apple write new software that will allow it unlimited attempts to crack the password. Apple is concerned — and rightfully so — that the FBI request is dangerous overreach. It is being forced to develop software for government purposes. That begs the question why the FBI or scientists at the National Security Agency — the agency responsible for U.S. communications security and reputed to have the most advanced technology in the world — cannot do the job. Why must Apple create the software? The FBI response is that only Apple has the proper security credentials to have the phone accept new software, an assertion that merely rephrases the original problem — if they can crack the phone, then the FBI or the NSA should be able to spoof Apple’s security credentials.
Apple insists that the FBI request “will set a dangerous precedent for conscripting Apple and other technology companies to develop technology to do the government’s bidding in untold future criminal investigations.” They are right. If the FBI prevails in this case, what would prevent the government from later demanding, for example, that Apple (or another company) write software that tracked the location of a phone or turned the phone on to film and record its user? The logic of the request — based on an 18th century law — knows no bounds.
The second key issue concerns the government’s desire to ensure that it has access to phones and devices. Apple charges that the FBI is asking for a “backdoor,” an accusation that the FBI denies. Instead, it says it wants a particular tool for a particular case. That is false. There is a long list of other cases in which prosecutors want similar orders. And Apple has noted — and the Justice Department acknowledged — that it has recently received, and resisted, similar orders to help unlock iPhones and an iPad. As Apple President Tim Cook explained in an open letter, “in the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession. … Once created, the technique could be used over and over again, on any number of devices. In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes.”
Apple is not alone in this fight. Other tech giants such as Microsoft, Google, Twitter, Facebook and Yahoo have or will file briefs backing Apple in court. They should. The stakes are high. Those firms have been making it easier to use technology for all parts of life, from ordering coffee to getting health care, from watching TV to remote control of your house, all of which demands (or creates) personal information. The greater our reliance on technology, the greater the need for security.
The balance between privacy and security is always tenuous. But threats come from all directions. While the chief U.S. concern today is terrorists, in other countries and at other times the threat comes from the government itself. The debate over the appropriate level of protection and transparency has been especially heated since the Snowden revelations of U.S. government surveillance programs and the balance is always being recalibrated but there must be some limits on government intrusions into the lives of private citizens.
The U.S. government should also remember that its actions ripple throughout the world. It has lost the moral high ground on questions of surveillance. Complaints that Chinese companies work hand in glove with the Beijing government and cannot be trusted now ring hollow. The United States has been forcing the same role on American technology companies. It is dangerous over-reach.