Tim Cook Vs. FBI: Why Apple Is Fighting The Good Fight - InformationWeek

InformationWeek is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

IoT
IoT
Mobile // Mobile Devices
Commentary
2/21/2016
11:06 AM
Thomas Claburn
Thomas Claburn
Commentary
Connect Directly
Google+
LinkedIn
Twitter
RSS
50%
50%

Tim Cook Vs. FBI: Why Apple Is Fighting The Good Fight

A court has told Apple to compromise an iPhone owned by one of the shooters in the December San Bernardino attack that killed 14 people. But Apple should not be required to enlist in the war on bad things.

Encryption Debate: 8 Things CIOs Should Know
Encryption Debate: 8 Things CIOs Should Know
(Click image for larger view and slideshow.)

Apple has been ordered to work for the US government, without compensation, to undo the security system in one of its iPhones. The court order amounts to an endorsement of a surveillance state, not to mention forced labor.

The FBI won the order from a magistrate judge in Riverside, Calif. It directs Apple to create a custom version of iOS for an iPhone 5C that belonged to (but evidently was not managed by) the San Bernardino County Department of Public Health and was used by Syed Farook, one of the two shooters who killed 14 people in San Bernardino in December.

The custom software, dubbed "FBiOS" by security researcher Dan Guido, is intended to disable iPhone security features that delete phone data if the device passcode is entered incorrectly 10 times and that limit the number of passcode entry attempts that can be made per second.

Apple CEO Tim Cook said the company intends to challenge the order, stating that the "demand would undermine the very freedoms and liberty our government is meant to protect."

Nobody likes terrorists. But authoritarian coercion isn't the only alternative.

In this instance, the legal precedent matters more than the crime. If the case were different, if there were a nuclear bomb ticking away somewhere in a major city and the phone in question had information that could disarm it, any company that could help would do so. No judicial process would be required, even if it might be desirable as a matter of legal compliance.

That's not what's at stake here. This isn't a hypothetical scenario constructed to allow only one rational answer. The FBI may obtain useful information, but it may not. The agency doesn't know what's on the iPhone. Yet to access an unknown cache of data, the government has obtained approval for a judicial key that unlocks all digital locks.

(Image: Apple website, altered as commentary)

(Image: Apple website, altered as commentary)

The government suggests it only wants access to this one device. But Cook and others assert that granting the government's demand for access has broad implications. "If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone's device to capture their data," Cook said in an open letter to customers. "The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone's microphone or camera without your knowledge."

Companies that do business in the US provide assistance to US law enforcement agencies quite often, either on a voluntary basis or in response to a lawful demand like a warrant or a National Security Letter. But the government hasn't publicly demanded that a business create custom software at its expense to undo the security it has implemented. Such malware might be expected from an intelligence agency, but not from a commercial vendor.

We've lived with technological insecurity for years, which is why encryption has never been a significant impediment to government investigations and intelligence gathering. A recent report from Harvard University's Berkman Center found concerns about encryption's impact on law enforcement overblown. There have always been enough vulnerabilities to exploit to deal with encryption.

But following Edward Snowden's revelations about the scope of government surveillance, things began to change. Apple and its peers began to realize that their businesses were at risk if they didn't improve the security of their software and hardware. Now the government wants to undo that work. And we need to re-examine the notion that any action taken in the name of national security should stand without question.

As the Internet of Things becomes more widespread, the government's ability to compel companies to grant access to any device means surveillance on demand.

[Read IoT Next Surveillance Frontier, Says US Spy Chief.]

It's bad enough that surveillance is a byproduct of connectivity. IoT alarm systems record comings and goings. Internet usage leaves tracks. Movement with a smartphone is easily mapped. Samsung has taken to including a warning in its privacy policy that its SmartTV may capture conversations in homes and transmit them to third parties.

Now imagine how the law enforcement agencies can magnify this IoT side effect if the FBI's demand for Apple's assistance is upheld. With easily obtained legal cover, authorities will be able to require that companies create custom software updates to reprogram routers, cameras, microphones, security systems, and connected cars, among other networked devices.

They may even be able to insist that these insecurity patches get pushed to individuals or groups silently, as over-the-air updates. And it's not just the US government that will do so. Every government of any significance will impose the same requirement, all in the name of protecting us from terrorism.

We can have protection if our data goes unprotected. That's the government's argument.

Developer Marco Arment offers a succinct assessment of the FBI's overreach: "They couldn't care less that they're weakening our encryption for others to break as well -- they consider that an acceptable casualty. They believe they own us, our property, and our data, all the time."

Tim Cook is taking an important stand. Steve Jobs would approve. As Jobs put it at the D3 Conference in 2010, "We take privacy extremely seriously." 

Are you an IT Hero? Do you know someone who is? Submit your entry now for InformationWeek's IT Hero Award. Full details and a submission form can be found here.

Thomas Claburn has been writing about business and technology since 1996, for publications such as New Architect, PC Computing, InformationWeek, Salon, Wired, and Ziff Davis Smart Business. Before that, he worked in film and television, having earned a not particularly useful ... View Full Bio
We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
<<   <   Page 2 / 6   >   >>
vnewman2
100%
0%
vnewman2,
User Rank: Ninja
3/1/2016 | 12:30:28 PM
Re: Situation could have been avoided
I just checked with our Asset Admin department who controls and manages all the firm owned phones and plans with ATT, Verizon, and Sprint.  I was told, at least with regard to iPhones, a lost password cannot be recovered - the person would need to connect to iTunes, wipe the phone and start over again.
batye
50%
50%
batye,
User Rank: Ninja
3/1/2016 | 3:45:47 AM
Re: With apologies to Archer...
@Broadway0474, everything changes... nothing stays the same...
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
2/29/2016 | 11:05:22 PM
Re: With apologies to Archer...
Joe, the key is that people really trust in the government in the US. Or at least the government run by their party. It's an amazingly transformation (or regression) considering how little trust Americans had in their leaders in the 1970s.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
2/28/2016 | 10:36:38 PM
Re: With apologies to Archer...
I think you are overestimating the reach and influence of the data-protectionist tech circle.  While you and I might be rooting for Apple, don't forget that you and I read tech sites and work in fields where we are highly concerned about data protection and data privacy.  There is also a popular faction that is vocally opposed to Apple/supportive of the government's efforts here (with notables such as Bill Gates and Donald Trump being public faces of those efforts).  Polling indicates that about half of Americans think that Apple should backdoor the iPhone.
Joe Stanganelli
50%
50%
Joe Stanganelli,
User Rank: Author
2/28/2016 | 10:33:45 PM
Re: Situation could have been avoided
Well, the FBI did win the court battle.  Now Apple is appealing.

With the text of the EU's Privacy Shield, a.k.a. "Safe Harbor 2.0", being released in less than 12 hours from this posting (and with that proposal being less binding than original Safe Harbor was), if Apple loses, then I suspect that will severely impact US tech companies' ability to do business abroad.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
2/28/2016 | 9:11:35 PM
Re: With apologies to Archer...
SachinEE, that is what I was thinking. I think the wrong compromise with the feds could put Apple in a spot where their brand is tarnished. Whether that would lead to reduced sales over the longer term, that part I am not so sure about.
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
2/28/2016 | 2:58:09 AM
Re: Situation could have been avoided
@Pedro: The problem would be when the Feds track down a criminal and collect his data and at the same time the criminal is in a country whose government is trying to track him down, and since the Feds have the data they wouldn't be giving it away just like that.
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
2/28/2016 | 2:56:31 AM
Re: Apple vs FBI
@Joe: McAfee might know security measures but they seem to be changing and are being upgraded by the hour. So don't hold on to any of his boasts.
SachinEE
50%
50%
SachinEE,
User Rank: Ninja
2/28/2016 | 2:53:05 AM
Re: With apologies to Archer...
@Broadway: Any middle ground is Apple's loss, because most of the public don't understand anything and they only follow what the media tells them, and if Apple makes a compromise the media will follow suit and say all bad things about how Feds are watching over us due to Apple, and this would create declining iPhone sales.
Broadway0474
50%
50%
Broadway0474,
User Rank: Ninja
2/27/2016 | 9:44:26 PM
Re: With apologies to Archer...
Joe, given the strong and public stance that Apple has taken at this point, do you think they can take a middle ground compromise with the feds? I think that would be viewed as a loss for Apple, no?
<<   <   Page 2 / 6   >   >>
Commentary
Get Your Enterprise Ready for 5G
Mary E. Shacklett, Mary E. Shacklett,  1/14/2020
Commentary
Modern App Dev: An Enterprise Guide
Cathleen Gagne, Managing Editor, InformationWeek,  1/5/2020
Slideshows
9 Ways to Improve IT and Operational Efficiencies in 2020
Cynthia Harvey, Freelance Journalist, InformationWeek,  1/2/2020
White Papers
Register for InformationWeek Newsletters
Video
Current Issue
The Cloud Gets Ready for the 20's
This IT Trend Report explores how cloud computing is being shaped for the next phase in its maturation. It will help enterprise IT decision makers and business leaders understand some of the key trends reflected emerging cloud concepts and technologies, and in enterprise cloud usage patterns. Get it today!
Slideshows
Flash Poll