Apple vs. the FBI: A Primer

You may have heard that Apple and the FBI are in a war of words over unlocking an iPhone. But what exactly is going on, and how is each side arguing their case? It’s a bit more complicated than it may seem at first glance.

apple-iphone-815594_960_720

Background

On December 2, 2015, Syed Rizwan Farook and his wife, Tashfeen Malik, opened fire on Syed’s coworkers in San Bernadino, California, killing 14 people. The pair was killed in a shootout with the police shortly thereafter. It was later revealed through an FBI investigation that the couple had increasingly become interested in violent jihadism and were inspired by foreign terrorist organizations to commit the attack.

Among the evidence collected was Syed’s iPhone 5c. Investigators hope that some additional information regarding co-conspirators might be found on the phone, but they are unable to access it due to not knowing the passcode that Syed set up to unlock the phone and decrypt the data. Some of Syed’s data was backed up to Apple’s iCloud service, but not the most recent activity before the attack. The FBI is now seeking Apple’s cooperation to retrieve the data from the phone itself.

Apple’s Position

Apple rejected the FBI’s request for assistance on the grounds that it would pose a security threat to all of their customers. Based on the search warrant the FBI had procured, what was requested was that Apple develop a modified version of the iOS operating system that could be run on the phone’s RAM while the FBI attempted to unlock the phone. This modified OS would deactivate certain security features, including the feature that erases all data on the device if too many attempts are made to access the phone with an incorrect passcode.

Upon Apple’s initial rejection, the FBI sought a court order compelling Apple to cooperate in the creation of an operating system that would bypass these security features. This order was granted by a federal judge under a relatively obscure 18th century law called the All Writs Act of 1789. Apple’s CEO, Tim Cook, issued a public statement in response on February 16, 2016 rejecting the court’s order on several grounds. Primarily, he argued that it placed an undue burden on the company to hack its own software, and that doing so would put all of its customers at risk of malicious cyberattacks. Since the data on newer iPhones, such as Syed’s iPhone 5c, is encrypted and is not decrypted until the passcode is entered, it is not possible to simply retrieve the data on this one phone. What is necessary is a modification that could affect the operating system source code on any device running iOS 9 and disable certain security and encryption features. There is no way to be certain that this would solely be used in this one case and that the code would not fall into the wrong hands.

Mr. Cook’s secondary argument is that, even if hackers and malware creators didn’t obtain this code, the ability of the United States government to compel the creation of such code sets a precedent that could be abused by the U.S. federal government or other governments, such as China or Russia, could demand a similar program to bypass security and allow unlimited force hacking of citizens’ iPhones.

In all, since there is no way to create code that will only bypass the security features on Mr. Farook’s iPhone without compromising every other iPhone on Earth, it is too dangerous a proposition.

The FBI’s Position

The FBI claims that Apple is misrepresenting what it is that is being requested. As the FBI Director, James Comey wrote in an op-ed, “The relief we seek is limited and its value increasingly obsolete because the technology continues to evolve. […] We don’t want to break anyone’s encryption or set a master key loose on the land.”

Because the person in possession of the phone has died a criminal, and because the phone’s legal owner (Syed’s employer) has given permission for the phone to be unlocked, the FBI says that there is no privacy violation occurring. Furthermore, they state that any concerns regarding security of other phone’s are not valid, because they would allow Apple to remain in possession of the newly coded operating system hack. This would, in their view, prevent any unauthorized usage.

Current Status

While the issue continues to be argued in court, the issue is at a bit of a standstill. Apple’s latest argument is that a government commission or Congressional committee should settle this issue once and for all, surely hoping for a decision in their favor, or at least a federal law more specifically tailored to this sort of case, since none currently exists.

The New York Times reports today that, despite the FBI’s claims that this would be implemented exclusively for this case, the government is currently trying to get Apple to perform a similar process on at least nine other devices to find evidence for federal prosecutors in other cases. This seems to back up Tim Cook’s assertion that the government has “hundreds of iPhones they want Apple to unlock if the FBI wins this case.”

Time will tell what the outcome will be, but this is certainly one of the largest cases in recent memory to pit personal privacy against national security so directly.