Home / Opinions / Apple vs the FBI: Your questions answered

Apple vs the FBI: Your questions answered

by

AppleFBI

All the latest news on Apple's dispute with the FBI

UPDATE 22/2/16: Apple CEO Tim Cook sent an email to Apple employees on Monday in which he says the company's refusal to cooperate with the FBI is a defense of civil liberties.

The memo reiterate's Apple's 'no sympathy for terrorists' stance before going on to explain that the San Bernardino case is "about much more than a single phone".

Cook also reaffirms Apple's position in relation to the court order demanding the firm help the FBI hack an iPhone, calling for the government to form a commission to discuss the issue and others like it.

He writes: "We feel the best way forward would be for the government to withdraw its demands under the All Writs Act and, as some in Congress have proposed, form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort".

Apple will be posting answers to questions about the case on apple.com/customer-letter/answers/ to "provide more information on this issue".

UPDATE 22/2/16: Several victims of the San Bernardino attack are to voice their support for the FBI as the agency increases pressure on Apple to hack one of the shooter's iPhones.

Stephen Larson of law firm Larson O'Brien, told local Southern California newspaper, The Press-Enterprise, that he will file a legal document on behalf of the, as yet unnamed, victims.

The amicus brief will advise the court that Apple should cooperate with the FBI in the ongoing investigation into the San Bernardino terrorist attack in which 14 died and 22 were injured last December.

Meanwhile, FBI director James Comey has responded to Apple's open letter in a post on the Lawfare blog, saying that the FBI's demands are 'about the victims'.

He goes on to deny that the court order asking Apple to help the FBI recover data from the shooter's iPhone constitutes the creation of a so-called 'backdoor'.

He writes: "We simply want the chance, with a search warrant, to try to guess the terrorist's passcode without the phone essentially self-destructing and without it taking a decade to guess correctly.

"That's it. We don't want to break anyone's encryption or set a master key loose on the land."

UPDATE 19/2/16: Apple has been given three extra days to make a decision on whether it will help the FBI by hacking an iPhone.

On Tuesday, the company was given five days to respond to the court order asking Apple to help the FBI bypass security features built in to iOS.

Now, CNN has reported that the firm has been given a three day extension, meaning the deadline for a response has moved to Friday, February 26.

Despite a defiant open letter opposing the order from Apple CEO Tim Cook, the firm has yet to file any legal documents challenging the directive.

Apple vs the FBI FAQ: The issues explained

The ongoing fight between companies and authorities over encryption reached new heights this week as it was revealed that Apple has been asked by the FBI to essentially build a backdoor into iPhone software.

Apple CEO Tim Cook's open letter, published on the Apple website, lays out exactly what the firm has been ordered to do and calls for a public discussion on the matter of encryption.

But for many, especially those outside the tech community, this conversation can seem impenetrable, making a public discussion that much more difficult to foster.

It seems then, that we could all do with a bit of a refresher on the matter at hand, so as to prime ourselves for the impending discussion. Here's a rundown of the situation as it stands.

What exactly has Apple been ordered to do?

In December 2015, a married couple living in Redlands, California attacked a training event held by the San Bernardino County Department of Public Health. 14 people were killed and 22 were injured in the terrorist shooting.

Following the event, an FBI investigation turned up an iPhone belonging to Syed Farook, one of the perpetrators. A US Federal judge then ordered Apple to provide investigators with access to the phone's encrypted data, which according to the court papers, the firm 'declined to provide voluntarily'.

The court filing specifically refers to Farook's iCloud account. Prosecutors say he seems to have disabled the iCloud data feature a month and a half before the shooting, leaving investigators unable to access evidence that only resides on the phone and has not been backed up to the cloud.

After the court order was issued, Apple CEO Tim Cook posted an open letter explaining the company's opposition to the ruling. In it, he describes the government's demands as follows:

TimCookQuote1

One of these security features which the FBI wants disabled is one which deletes all the user data after a certain amount of failed passcode entries. Investigators risk losing all the information on Farook's phone if they continue to try to guess the passcode incorrectly, hence why they want that particular feature disabled.

If Apple is unable to disable the auto-erase function, the court order states that the firm should create software that enables them to do so.

Apple has been given five days to respond.

Why is this a big deal?

The debate over data encryption and when, or even if, authorities should have the right to order its removal, has been going for some time. Tensions have somewhat increased since the Edward Snowden revelations which exposed massive government surveillance in both the United States and UK.

Apple's latest run-in with the authorities therefore seems more salient than it would have even five or so years ago, especially as companies, including Apple, ramped up their security features in the wake of the Snowden leaks.

Related: Snooper's Charter explained

iPhone displayApple has been asked to make a less secure version of iOS

When it comes to the current debate on data security, the key phrase to bear in mind is End-To-End Encryption. This is a name for a method of secure communication that stops third parties accessing data while it's being transferred from one party to another. If you send a Whatsapp message to a friend for example, the data is encrypted until it reaches your friend so that anybody looking to intercept it will be unable to interpret it.

End-To-End encryption involves using cryptographic keys to decrypt data once it has been received by the end user. As it stands, these keys are stored on the end user's device, meaning the company's server, whether it be Whatsapp or iMessage, will simply transfer the data without decrypting it.

Any effort to transfer the key to the company itself would thereby essentially create a 'backdoor' into the user's data. It is this which worries opponents of increased surveillance powers for authorities, as such legislation could mandate the existence of such a 'backdoor' to help investigations.

The Apple situation is similar, although not directly related to end-to-end encryption. In the open letter, Cook says the following:

TimCookQuote2

Apple is essentially making the argument that creating a version of iOS with paired-down security features would constitute the creation of a key, which if a hacker got a hold of, would provide a backdoor into millions of users' private information: much the same as with the end-to-end encryption key debate.

This is a big deal because not only would it create a potentially devastating security threat for iOS users were it to fall into the wrong hands, it also sets what Apple calls 'a dangerous precedent' by establishing the government's right to 'reach into anyone's device to capture their data'.

Is this whole thing different from the Snooper's Charter?

Kind of but not really. The Snooper's Charter is a name given to a series of proposed changes to British surveillance legislation. After facing a backlash upon its initial introduction, the reforms were reintroduced in the form of the Investigatory Powers Bill last year.

The Investigatory Powers Bill, a final decision on which is yet to be made, essentially makes it easier for British authorities to find out which online services someone has used by asking companies to retain 'internet connection records' for 12 months.

Related: What's new in iOS 9.3?

GCHQUK Intelligence agency GCHQ was implicated in the NSA revelations

Although it does not give explicit authorisation for agencies to demand decryption of data, critics say it brings us closer to such legislation and opens the door for more aggressive powers which could compromise end-to-end encryption in the future.

In that sense, the debate is somewhat similar to the Apple vs FBI issue. Opponents in both cases are concerned about the wider implications of government intrusion on personal data and the potential for hackers to carry out potentially damaging attacks by exploiting backdoors.

Why should Apple oppose the order?

To use Tim Cook's words, the creation of a less secure iOS 'would be the equivalent of a master key, capable of opening hundreds of millions of locks – from restaurants and banks to stores and homes.'

Although the US government is insisting that the software would only be used once, in the case of the San Bernardino shooting, there are of course wider concerns about the precedent it sets and how Apple and the authorities would ensure the software was kept secure enough to prevent others from accessing it and using the 'master key'.

As Cook explains:

TImCookQuote3

From Apple's point of view then, the court order is an overreach on the part of the Federal government; a solution that's worse than the problem itself. By building this particular version of iOS, Apple says it would be creating a 'backdoor into its own products', opening the door to further overreaches from government on the one hand, and large-scale hacking attacks on the other.

There's also the issue of whether other governments will be able to demand the same right as the US government. If Apple agrees to let the US government overrule data safeguards, other governments such as China would likely demand similar rights.

But wouldn't it be easier to comply?

In the initial court filing, prosecutors said Farook's iCloud account suggested Syed Farook was communicating with victims prior to the attack, and that phone records indicated he used the iPhone to contact his wife and co-perpetrator Tashfeen Malik.

The FBI says that the new version of iOS is required in order to acquire all the evidence and carry out the investigation in full.

Related: iOS 9 tips and tricks

Investigators say Apple must help them unlock an iPhone beloging to one of the San Bernardino shooters

Last week, FBI director James Comey spoke to the Senate Intelligence Committee about how tech companies can help with criminal investigations, citing the San Bernardino case in particular. Advocates of increased surveillance powers, such as Comey, say that security features can often undermine the rule of law, and that more powers are needed to ensure investigations can be carried out effectively.

Comey also highlighted the extent to which issues with encryption affect every level of law enforcement, saying "it affects our national security work, but overwhelmingly this is a problem that local law enforcement sees".

Last year the head of the National Security Agency, Adm. Michael S. Rogers, suggested the creation of a 'digital key', the type of which Apple has this week vehemently opposed. Rogers' solution to the issue of creating a 'backdoor' was to divide the key into pieces to ensure that no one agency or company could use it by themselves.

Related: iPhone 6s

JamesComeyFBI Director James Comey says encryption is hampering law enforcement at all levels

Whether or not this is a practical solution, it shows that the issue of encryption hindering investigations is taken seriously enough by those in high-ranking government positions that the debate is sure to continue for some time. In that sense, although Apple may refuse to comply in the San Bernardino case, this certainly won't be the last time they, or any other tech firm, will have to face the issue.

What does everyone else think?

Of course, there is one source which has been particularly vocal about Apple's dilemma, and that, source is of course, the internet. Some have voiced their support for Tim Cook's defiant challenge:

Related: iPhone 6S Plus

While others are not so pleased with it:

And some are simply in awe of Apple's refusal to comply:

toboev

February 17, 2016, 2:37 pm

The authorities seem to have created a game wherein Apple stands to lose massively by acceding to, and to gain in equal measure by refusing, their request. That does not seem a good way to get what they want.

mode11

February 17, 2016, 2:47 pm

Apple will be against this for the many legitimate reasons Tim Cook stated. They will also be aware that giving something so precious to public authorities will likely backfire horribly at some point, when some incompetent / corrupt idiot leaks or loses the software, and causes the collapse of iOS's security. The FBI will just be like "whoops, not our problem", but meanwhile it could cost Apple billions in lost trust.

Many of the political decision makers are likely clueless about technology, and in any case aren't thinking about potential consequences for Apple. As CEO, that's Cook's job.

Everlast

February 18, 2016, 3:11 pm

I fully support Apple on this one.

If Apple helps the
government hack into one device, next time government services would be
asking for the phone of someone like Snowden be hacked. Someone that
would let the rest of the world to see what the US government is doing
behind closed doors.

Plus, if Apple adds a back-door to their devices, there is always going to be some other company to fill the niche. Is the US government going to bully every company around the world to get a backdoor into every device made.

Gqdancer .

February 18, 2016, 11:04 pm

I support Apple they cannot create a back-door that will put everyone's CIVIL LIBERTIES under scrutiny...in other words..." wire tapping" or not wire tapping" hmmm?
dangerous...

toboev

February 19, 2016, 10:45 am

Now I wonder, is there any connection between the latest two Apple stories? This one, and the one about Error 53, upon which they have just done a U-turn ( http://www.bbc.co.uk/news/tech... ).

In both cases Apple has followed public opinion, yet perversely each decision sits on the opposite side of the "privacy/security is paramount" argument.

How will Apple continue to defend their stance against the FBI, when they are happy to modify iOS to allow a third party "to replace the screen and modify the module to take control of your phone"? (BBC)

SWPRSR

February 19, 2016, 9:30 pm

Screw the FBI.All they had to do after they had their search warrant was have Apple unlock the phone for them and retrieve all the Data and hand it over to the FBI.But no,the FBI wants the Code to get into any and all phones.Apple should still refuse the FBI's demand and tell them to pound sand.If the FBI is not willing to just have apple get the Info then they can go to Hell.

microdot71

February 19, 2016, 10:19 pm

They have already been doing this.
https://en.wikipedia.org/wiki/...

toboev

February 22, 2016, 5:10 pm

"The memo reiterate's ..."
apostrophe catastrophe

Tomas

March 14, 2016, 7:34 pm

Subj: Apple vs. FBI

The issues of Privacy/Encryption are valid points.
However, they are not the most essential points.

The most essential defense for Apple is, that the governments' use of the court's to Force Apple to Labor for the governments' benefit is a violation of Apples' Right to Liberty.

The government has the right to "ask" apple to labor in building tech for the government.
And thus, apple has the right to refuse the governments offer in building tech.
Consequently, the government can not then, attempt to use the "Force of Law" to compel Apple to Labor for the government when apple does not wish to labor for the government.

So.., forcing apple/anyone to labor in any capacity is by definition, "Slave Labor".
And..., Slavery in any measure is a violation of the Right to Liberty.

comments powered by Disqus