Unlocking the Fight

Feature Article

The battle between the FBI and Apple will have significant impacts, no matter the winner

Only now has the contest truly begun. In mid-February, Apple dismissed a request from the FBI to unlock an iPhone belonging to Syed Farook, one of the deceased terrorists responsible for the San Bernardino shootings, in which 14 people were shot dead. On the face of it, observers may scratch their heads and wonder as to why Apple, one of the world’s most famous technology companies, would not comply with such a request. Look deeper into the story, however, and it is quite complex.

It began with the unveiling of the FBI’s request from Apple itself. The company published a letter on its website, in which it laid out its reasoning for refusing to comply, ensuring their customers that their privacy and security was a top priority. It, along with statements from the chief executive, Tim Cook, explained how the unlocking of the phone would risk the security of other iPhone users and also set what the company called “a dangerous precedent” permitting governments to forcefully unlock other devices in future cases. Despite this, some interpret the letter and the complementing rhetoric as a routine PR stunt, only serving as a way to get the public on the company’s side and safeguard its image in the short-term. However, statistics provided by Pew, a research firm, suggests otherwise; it found that 51% of people believe that Apple should comply with the FBI, as opposed to 38% who believed that the tech giant should not, and 11% who were undecided.

Less than a month later, after varied opinions swirled around the media on the subject, Apple made their case to Congress. A five-hour-long judiciary hearing saw both sides face scrutiny. FBI director, James Comey, was grilled by members of Congress who questioned the competence of the bureaucracy, querying whether it had really tried every other solution to try to unlock the phone before asking the Silicon Valley firm to do so. Equally, Bruce Sewell, Apple’s general counsel, was criticised for his companies failure to come up with a reasonable solution: “I don’t have a solution for this. What I think we need to do is give an appropriate and fair hearing.”

Also during the hearing, the question of whether this case would set a precedent for future similar cases inevitably came up. Comey appeared rather sheepish on the subject, while the chairman of the House judiciary committee, Bob Goodlatte, claimed that the case would not be ideal “to set a precedent.”

Nonetheless, this battle between one of the most iconic bureaucracies and one of the world’s most famous tech companies will indefinitely cause significant shifts in all the debates it involves. As both sides argue their cases, they also have drawn their swords, with the courts refereeing and spectators looking on intensely and attentively. In the end, a significant precedent will come, regardless of the eventual winner.

For Old Time’s Sake

In Apple’s letter to its customers, the company alluded to the FBI’s tactics to make it comply with its requests. The bureaucracy utilised an ancient law from the 18th century, called the All Writs Act of 1789. The Act states that “federal courts may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.” The Act, by nature, is broad and vague; common characteristics when old laws are applied to unfamiliar situations, as is the case in today’s technology-driven world.

During the time that the Act was created, writs were a commonplace. However, there has been much less use of them and are now only used in rare or extraordinary situations. One of those situations includes the effectuation of warrants.

Thus lies the FBI’s legal reasoning for making Apple comply. In 1977, a Supreme Court ruling from United States v New York Telephone clarified that the rule on warrants (the federal rule of criminal procedure number 41) covered all searches and seizures. Furthermore, the Supreme Court also established that under the All Writs Act, the phone company could be required to assist law enforcement for what it deemed as legal and necessary purposes.

In the current predicament involving Apple and the FBI, the argument being presented by the bureau suggests that the tech giant should comply with the request to provide a backdoor, or allow for some kind of access to the information held on the iPhone in question, to aid a terrorist investigation.

There are a few conditions which need to be met in the issuing of a such a warrant which would force Apple to comply. One of them includes that the compliance must not be an “unreasonable burden” on the involved third party. This is where the potential controversy lies. Apple has certainly argued that dismantling the security measures on even one device triggers an unreasonable burden, although some have questioned as to whether this claim will hold up in court.

Though the greater problem with the FBI using the All Writs Act is that it was designed to deal with circumstances from many years ago, thus not making them exactly appropriate for the modern digital age. Can the issuing of a warrant and a writ permit the government to require a technology or software company to provide backdoors or decrypt devices to aid criminal investigations? The answer is not so clear, but the FBI has tried to twist this ambiguity in an attempt to favour its position. Even so, the particular scenario in which the FBI is attempting to cite these laws and precedents may not, perhaps, be ideal.

Though it is not just the FBI which has resorted to laws of the land from hundreds of years ago. Apple too, is utilising old laws for new times to argue its case.

The Freedom To Code

Tim Cook has been consistently adamant about his company’s stance from the beginning. There are two main arguments the company has emphasised in its opposition to the FBI; the risk of compromising cybersecurity and the neglecting of civil liberties. To directly oppose the FBI’s request with via the All Writs Act, though, the tech company’s legal team has looked to the famous 1st Amendment of the US constitution; the right to freedom of speech, expression and religion.

At first, it may seem not seem like the 1’s and 0’s which make up the DNA of computer software can be classed as speech or as a form of expression. Mr Sewell would suggest otherwise. The company’s lawyer proposed “the First Amendment prohibits the government from compelling Apple to make code.” This argument suggests that computer code is some sort of free speech, and thus by the government obligating Apple to develop the specific operating system it says it needs, a violation of the First Amendment is evident.

As compelling as this argument may seem, it has its faults. Never before has the law recognised code as a form of speech, therefore, Apple’s claim is rather unorthodox and risky. Yet there is one Supreme Court case which may help the tech giant. The ruling from Citizens United vs FEC (2010), which struck down parts of the Bipartisan Campaign Finance laws on the grounds that when it came to rights of political speech, corporations, as well as unions and other institutions, had the same rights as individuals. With that, these corporations, unions and institutions and their political endorsements are protected under the First Amendment.

If the court was able to equate money to speech, then it makes it more plausible that it would do the same for code. Code could be interpreted as a form of speech since, like writing or a painting, can be a medium which can be used to convey or share information. Computer code, after all, is what allows someone to conduct and sen our tweets and text messages or construct a website and upload a blog post. However, it may not be that simple. Protecting computer code under the First Amendment could have negative implications. By regulating code this way, there is the possibility that malicious code may be entitled to the same protection as good-natured forms of expression such as a song or a book.

Though Apple’s argument may still stand. By the FBI forcing the creation of another operating system, essentially it is asking the company to lie, in a sense, to its consumers. By composing software that would eliminate security parameters, the company compromises consumer trust in delivering sufficient security to protect their safety, which could be interpreted as a form of forced speech which would violate the First Amendment.

But to accompany its ‘code equals speech’ argument, Apple has also insisted that this case involves implications other than violations of free speech.

A Slippery Slope

Ever since the Snowden revelations in 2013, the issue of privacy and data protection has been brought to the fore. It encouraged a stampede of privacy advocates and data protection agencies to speak out of the need to safeguard civil liberties in the digital age. Tech companies, too, recognised this importance, and also acknowledged the uncomfortableness its customers felt around the idea of their government sifting through private information. Thus, those companies have implemented stronger security on their devices and products to bolster protection from unwanted third parties.

Apple has constantly focused on the argument that by developing an operating system for Farook’s iPhone that bypasses security precautions, it would risk other iPhone users to the perils of the many malefactors lurking around in cyberspace. What the FBI has specifically requested from Apple is to develop software, dubbed by the media as ‘GovtOS’, which eradicates a default security mechanism. After a certain number of failed attempts to unlock the phone using a four-digit passcode, the memory on the device is wiped. Without this setting, the FBI would be able to input as many passcode attempts as it takes until the right combination is figured out (a process known as ‘brute forcing’).

Apple’s opposition to this surrounds around the reality that the creation of such an operating system would put other users in danger. This is because hackers and malefactors will smell blood; as soon as they become aware that such software exists, they will constantly test the fence to exploit the vulnerabilities to hack into other iPhones. Smartphones have become a central hub for information, including data that is sensitive and personal. A smartphone is more likely to contain more information about a person than in any other singular place, as Tim Cook has pointed out. Thus, with such information available on smartphones, malefactors will certainly try to steal and manipulate this information for their own gains, of which are unpredictable. They could steal and sell personal information on the dark web, or use it to impersonate others to gain access to bank accounts (more on page 15). With this, even a company like Apple, with its impressive ability to keep its most anticipated products in development veiled until its official release, cannot use this skill to make its users immune to the realities of cyberspace and the dangerous eventualities it presents, since the prospect of creating such a software is known to the greater public and the lurking bad actors.

The FBI could try to develop this software on its own accord. However, the phone will not run any software that does not contain a cryptographically signed certificate from Apple which would confirm to the device that the software it is being instructed to run is legitimate. Interestingly, though, Apple had advised the FBI to take the phone to a network that it was familiar with, so that it would backup to iCloud, essentially making a copy of the phones memory and data which could be used numerous times. Unfortunately, however, the FBI, earlier on in its investigation, ordered the local authorities to change the iCloud password, making this suggested method useless.

In light of these circumstances, Apple has argued that the risks of creating this software, of which Cook calls a “cancer,” outweighs any possibility of finding anything of value in the phone. There is no guarantee that the phone would contain information which would aid the investigation, even though the FBI claims it would.

In addition to the cybersecurity issues, there is also the issue of civil liberties, in particular, the right to privacy. The FBI has insisted that its request is a one-off, although some doubt that. Law enforcements agencies have had to grapple with tech giants and their use of strong cryptography and other security measures, making it difficult to conduct legitimate criminal investigations without trampling on civil liberties. Thus, it is likely that if the FBI were to come out on top in this case, then it and other government agencies, and indeed other authorities, may use the resulting precedent to obligate other tech companies to comply with similar requests.

Recognising this, Apple has argued that debating such obligations should also be put before Congress. The tech firm insists that when it comes to the issue of privacy of American citizens, it should be debated by elected representatives, which would allow for, what it believes, a fairer process, greater scrutiny and accountability to avoid the possibility of governments abusing their power. The government can be held accountable and scrutinised accordingly to dissuade tyranny. However, with the obstructive gridlock in Congress, such a prospect is not guaranteed to be successful.

A Battle For The Ages

The latest twist in this saga emerged just as The Cyber Solicitor had completed this article. The FBI and Apple were meant to meet in court on March 22. But just a day before, the federal bureaucracy suspended the hearing after claiming it had found an “outside party” who may be able to unlock the phone without the tech company’s help. Cellebrite, an Israeli mobile forensics software company, according numerous reports, is the outside party. The FBI has until April 5 to let the court know whether this will be successful. Despite this, the legal battle, which could still proceed at a later date, will still have universal impacts. The UK’s Investigatory Powers Bill is designed to deal with the exact scenario being discussed currently, and an FBI victory may help the bill be seen as reasonable and more likely to pass. For European regulators, an Apple victory would be more ideal, as the prospect of the FBI prevailing would contrast their privacy-conscience motives, further complicating its relationship with US regulators. For the governments who have been criticised for their human rights records (such as China), there is the possibility that they may use the security-deprived software to tap into the devices of its citizens unlawfully. Thus, with so much at stake, the world will watch, intensely.