Apple vs. the FBI

Something Apple has gotten right, from my understanding, is that enabling password locks on their devices automatically invokes encryption of data on the device.  I'm by no means an expert on Apple technology, so am taking the word of various articles that I've read in the past.  That is a great feature from a security standpoint, and apparently has in part led to the current news stories regarding the FBI demands for Apple to "hack" the phone of one or more of the San Bernardino killing suspects. 

I'll keep my personal views to myself on the specific story, in part because I'm still forming those views as the case develops.  I thought I might share that the ability for our government and other entities to seize, intercept, and force the deciphering of information is the reason that European Union governments do not consider the U.S. a secure place to do business with regard to information handling.  In fact, the EU considers member nations and a select group of 3rd party nations as being secure for data exchanges, but for the U.S. they had to adopt the "EU Safe Harbor" legal concept which is a relationship between EU-based businesses and the U.S. Department of Commerce.  EU Safe Harbor has been in the news itself over the last few months due to being struck down by their courts, and now a new set of legislation is evolving to take its place.

While working on a project for a company involved in that scenario, I found it interesting that other nations would consider U.S. data privacy and protection legal mechanisms to be insufficient.  The project was educational on several fronts including that one.  I've spent some time this afternoon looking for a succinct article with details, but everything I have found requires a good deal of reading to reach the interesting part.  For the sake of brevity here is text and a link to the Wiki article on EU Safe Harbor laws. The paragraph (bolded) below is an excerpt specifically discussing what I've said here and the Wiki link is:  https://en.wikipedia.org/wiki/International_Safe_Harbor_Privacy_Principles

On 6 October 2015, the European Court of Justice invalidated the EC's Safe Harbour Decision, because "legislation permitting the public authorities to have access on a generalised basis to the content of electronic communications must be regarded as compromising the essence of the fundamental right to respect for private life" (boldened in original text).[16]:2-3

Overall, this is an interesting development and illustrates how conflicts of governance, priorities, and approaches can be very complex in the real world.  Our primary blanket protection of privacy (from government) in the U.S. is based in the 4th amendment of the Constitution.  The 4th amendment reads and has been interpreted to protect "reasonable expectations" of privacy for individuals.  That differs from expectations in other parts of the world and indeed under other compliance standards.