Privacy vs. National Security: Apple Case

The tension between national security and privacy is continuing. There are several articles discussing the very interesting debate relating to the court order issued last Friday requiring Apple to aid the Federal Bureau of Investigation in gaining access to the iPhone of one of the attackers in the San Bernardino killings, Syed Rizwan Farook.

Apple is of the position that helping the F.B.I. essentially hack into one of the company’s own phones would set a dangerous precedent and that it will only hand over data to comply with a court order when it is technically able to do so. Since fall of 2014 and with the update to its iOS software, Apple switched off its ability to retrieve data from its phones and tablets. By doing this, Apple tried to take itself out of the equation when law enforcement is looking for access to a phone and accordingly now Apple is "technically unable" to retrieve information on phones. Apple said that in order to comply with the court order it would have to create new software to do this.

In contrast, Apple encrypts data on its iCloud and holds on to the key, which it uses to gain access to the data to get back customer's data when it is lost and accordingly it is technically able to retrieve information if requested by court order. It is difficult for Apple to take away its ability to gain access to information on cloud when that this ability to retrieve information is the reason the customers are using its service. The only solution here to avoid law enforcement orders on information on the icloud, is for Apple to figure out a consumer-friendly way to keep the data under lock and key — a key Apple wouldn’t be able to use — without making it inconvenient for people who need to retrieve backups.

Apple had obeyed a demand to provide the government with the information in Mr. Farook’s iCloud account. However, the F.B.I. wants to write a computer program to send the phone an unlimited combination of passwords until it finds one that works. But Apple built its phones to protect against that tactic. Each wrong guess causes a short delay, which would significantly slow the F.B.I.’s effort. After too many incorrect guesses, the phone will automatically erase its memory. But then Apple was asked to undermine the phone’s security system so the F.B.I. could try as many passcodes as possible to open the phone without erasing the stored data. Apple refused.

On the other hand, the F.B.I argues that it has a warrant, Mr. Farook is dead, and his iPhone, which he used for work, is the property of San Bernardino County, which consented to having it searched. The data on the phone could yield valuable intelligence, making its content a legitimate matter of national security. In Apple’s public response, the company said it was fighting the F.B.I.’s demands not because it objected to the government unlocking Mr. Farook’s phone but because the government could then ask Apple to undermine the security of other iPhones and because such software could potentially help criminals and repressive governments hack iPhones. By analogy, the company doesn’t have a key to the phone so the government is asking it to make the lock weaker.

Apple is trying to find creative ways to avoid access to its customer data and it appears they are succeeding in limiting the amount of information to which governments can gain access to. In its most recent report, covering the first six months of 2015, Apple received nearly 11,000 requests from government agencies around the world regarding information on roughly 60,000 devices. Apple provided some data in roughly 7,100 of those requests, the report said.

 Articles:

Apple Still Holds the Keys to Its Cloud Service, but Reluctantly

Should the Authorities Be Able to Access Your iPhone?

In the Government vs. Apple, Who Wears the Black Hat?