For the first time ever, U.S. District Court Judge Sheri Pym, ruled that the tech giant, Apple, must provide technical assistance to the Federal Bureau of Investigations (FBI) to unlock and access the data on an iPhone 5c that was owned by Syed Rizwan Farook. Mr. Farook and his wife were the ISIS-inspired shooters in the San Bernardino massacre that left 14 people dead. Specifically, the FBI is requesting assistance from Apple in three ways: (1) to bypass or disable the auto-erase function whether or not it has been enabled; (2) to enable the FBI to submit passcodes to the iPhone for testing; and (3) to ensure that when the FBI is inputting passcodes, the software on the device will not intentionally introduce additional self-protection mechanisms. Simply put, the security features in the device are too hard for the FBI to bypass, so they want Apple to hack it to make accessing the phone’s data much easier.
Immediately after the court ruling, Apple CEO Tim Cook, issued an open-letter to customers stating that, “the United States government has demanded that Apple take an unprecedented step which threatens the security of our customers…we oppose this order, which has implications far beyond the legal case at hand.” Many Americans can only see this situation as far as the San Bernardino case and believe that Apple should assist the FBI in hacking the terrorist’s phone. This is a pivotal moment in our lives where consumer privacy is being directly challenged by national security. Before we make an anxious decision on this situation, there must be an understanding of what is at stake.
We have heard repeatedly that encryption is hindering the government’s ability to investigate terrorist activity and therefore, putting national security at risk. This has prompted the government to request that companies, like Apple, build a backdoor into the system to aid with investigations. A backdoor is a hidden way to bypass a system’s security features, but only for those aware of its existence. FBI Director James Comey told the Senate Intelligence Committee that the encryption on smartphones was “overwhelmingly affecting” their ability to unlock the phone in search of critical clues that could help crack the case.
In this case, many Americans feel that national security should trump consumer privacy and that the government should have access to crack the encryption. This population of citizens feels that “if you’ve got nothing to hide, you’ve got nothing to fear.” This statement is immensely flawed for many reasons; however, one need not look further than the legal system to understand that: everyone has something to hide.
First and foremost, this kind of thinking mistakenly makes the assumption that only criminals desire privacy. It completely neglects that privacy is necessary for controlling information about oneself, required for human dignity, and essential for intimacy. Furthermore, it negates the human necessity to control the access that others have to us and the value of the privilege of personal expression and choice. It also makes the assumption that a person knows when they have done something against the law. According to senior researchers at the Library of Congress, it is nearly impossible to know how many laws there are in the United States. In fact, Supreme Court Justice Stephen Breyer suggested that the modern federal criminal law is so complex that it would be virtually impossible for anyone to know, in advance, when they may be breaking the law or not. When it comes to the law, you always have something to hide and most times are unaware of it. Former Virginia Beach Police Officer George Bruch eloquently stated, “I can follow a person for as long as I want and eventually they will do something that I can pull them over for…if you think you’re perfect, think again.”
So to the population of Americans that believes that they have nothing to hide, you do, but you just aren’t aware of it yet.
Encryption isn’t new. The earliest known use of encryption was found in ancient Egyptian hieroglyphs over 4000 years ago. Advancements in technology have enabled all of us, including terrorists, to protect information that we do not want in the public forum. It has enabled us to protect things that we value and want to hide. It has enabled us to keep secrets. The government has issue with this, claiming that it is hindering law enforcement.
Historically, if law enforcement wanted to keep track of someone, they had to assign physical resources to follow the person from place-to-place. Today, everyone carries the mother of all tracking devices –smartphones. This makes tracking a suspect that much easier. Especially since our smartphones are the most substantial treasure trove of data in our lives. It sees, hears, and stores more about us, individually, than any other device. This is precisely why the FBI wants access to the iPhone belonging to the San Bernardino shooter. So, why won’t Apple create a way for the FBI to get into the iPhone?
Because once we open that door, we cannot go back. First, it is almost impossible to say with certainty that a backdoor created for the shooter’s phone will not work on other iPhones. The existence of a backdoor would make it possible for other iPhones to be hacked in a similar by malicious hackers. If hackers are aware of the existence of a backdoor, they now have reason to search for it. Also, once Apple complies with this request from the fed, there will be more. This has been proven. When Edward Snowden released an abundance of classified documents from the National Security Agency (NSA), it was publicly revealed that the major companies, like Sprint, Microsoft, Google, and others, had been turning over customer data to the U.S. government, every six months, for decades. Making the American public aware of this relationship, between the feds and the private sector, was bad for business.
Some legal experts argue that the existence of encryption does not suggest a reasonable expectation of privacy; therefore, if the government cracks encrypted data, it is not a violation of the Fourth Amendment. However, if you use a passcode to lock the device, thereby keeping the encrypted contents hidden from plain view, this does retain a reasonable expectation of privacy. The FBI is asking Apple to bypass the deceased user’s passcode that locks the device so that they can have access to the encrypted contents of the iPhone. Technically, this would be a violation of the Fourth Amendment.
Other experts suggest that this would not be a violation of the Fourth Amendment because Mr. Farook’s phone is actually property of San Bernardino County, where he worked. In many cases, when an employee receives a company phone, the employer administers the phone using mobile device management (MDM). MDM enables the employer to secure and monitor mobile devices in the possession of the employee. It seems that San Bernardino County did not use MDM. But it is interesting that MDM has not been mentioned in the conversation at all. Perhaps, instead of attacking encryption, the government should be encouraging employers to use MDM on mobile devices, which would make their investigations easier. We aren’t having that conversation because cracking encryption would provide the fed with an overall wider swath of data.
The San Bernardino massacre was horrible and the FBI should have access to information that will help them crack the case; however, we have to decide how far is too far. It is unknown whether or not Apple will be forced to comply with the court’s ruling, but one thing is certain, we are standing at the precipice of the end of technological privacy. Without encryption, there will be no way to, technologically, protect your privacy.