Apple vs the FBI: Your questions answered
All the latest news on Apple’s dispute with the FBI
UPDATE 22/2/16: Apple CEO Tim Cook sent an email to Apple employees on Monday in which he says the company’s refusal to cooperate with the FBI is a defense of civil liberties.
The memo reiterate’s Apple’s ‘no sympathy for terrorists’ stance before going on to explain that the San Bernardino case is “about much more than a single phone”.
Cook also reaffirms Apple’s position in relation to the court order demanding the firm help the FBI hack an iPhone, calling for the government to form a commission to discuss the issue and others like it.
He writes: “We feel the best way forward would be for the government to withdraw its demands under the All Writs Act and, as some in Congress have proposed, form a commission or other panel of experts on intelligence, technology and civil liberties to discuss the implications for law enforcement, national security, privacy and personal freedoms. Apple would gladly participate in such an effort”.
Apple will be posting answers to questions about the case on apple.com/customer-letter/answers/ to “provide more information on this issue”.
UPDATE 22/2/16: Several victims of the San Bernardino attack are to voice their support for the FBI as the agency increases pressure on Apple to hack one of the shooter’s iPhones.
Stephen Larson of law firm Larson O’Brien, told local Southern California newspaper, The Press-Enterprise, that he will file a legal document on behalf of the, as yet unnamed, victims.
The amicus brief will advise the court that Apple should cooperate with the FBI in the ongoing investigation into the San Bernardino terrorist attack in which 14 died and 22 were injured last December.
Meanwhile, FBI director James Comey has responded to Apple’s open letter in a post on the Lawfare blog, saying that the FBI’s demands are ‘about the victims’.
He goes on to deny that the court order asking Apple to help the FBI recover data from the shooter’s iPhone constitutes the creation of a so-called ‘backdoor’.
He writes: “We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly.
“That’s it. We don’t want to break anyone’s encryption or set a master key loose on the land.”
UPDATE 19/2/16: Apple has been given three extra days to make a decision on whether it will help the FBI by hacking an iPhone.
On Tuesday, the company was given five days to respond to the court order asking Apple to help the FBI bypass security features built in to iOS.
Now, CNN has reported that the firm has been given a three day extension, meaning the deadline for a response has moved to Friday, February 26.
Despite a defiant open letter opposing the order from Apple CEO Tim Cook, the firm has yet to file any legal documents challenging the directive.
Apple vs the FBI FAQ: The issues explained
The ongoing fight between companies and authorities over encryption reached new heights this week as it was revealed that Apple has been asked by the FBI to essentially build a backdoor into iPhone software.
Apple CEO Tim Cook’s open letter, published on the Apple website, lays out exactly what the firm has been ordered to do and calls for a public discussion on the matter of encryption.
But for many, especially those outside the tech community, this conversation can seem impenetrable, making a public discussion that much more difficult to foster.
It seems then, that we could all do with a bit of a refresher on the matter at hand, so as to prime ourselves for the impending discussion. Here’s a rundown of the situation as it stands.
What exactly has Apple been ordered to do?
In December 2015, a married couple living in Redlands, California attacked a training event held by the San Bernardino County Department of Public Health. 14 people were killed and 22 were injured in the terrorist shooting.
Following the event, an FBI investigation turned up an iPhone belonging to Syed Farook, one of the perpetrators. A US Federal judge then ordered Apple to provide investigators with access to the phone’s encrypted data, which according to the court papers, the firm ‘declined to provide voluntarily’.
The court filing specifically refers to Farook’s iCloud account. Prosecutors say he seems to have disabled the iCloud data feature a month and a half before the shooting, leaving investigators unable to access evidence that only resides on the phone and has not been backed up to the cloud.
After the court order was issued, Apple CEO Tim Cook posted an open letter explaining the company’s opposition to the ruling. In it, he describes the government’s demands as follows:
One of these security features which the FBI wants disabled is one which deletes all the user data after a certain amount of failed passcode entries. Investigators risk losing all the information on Farook’s phone if they continue to try to guess the passcode incorrectly, hence why they want that particular feature disabled.
If Apple is unable to disable the auto-erase function, the court order states that the firm should create software that enables them to do so.
Apple has been given five days to respond.
Why is this a big deal?
The debate over data encryption and when, or even if, authorities should have the right to order its removal, has been going for some time. Tensions have somewhat increased since the Edward Snowden revelations which exposed massive government surveillance in both the United States and UK.
Apple’s latest run-in with the authorities therefore seems more salient than it would have even five or so years ago, especially as companies, including Apple, ramped up their security features in the wake of the Snowden leaks.
Related: Snooper’s Charter explained
Apple has been asked to make a less secure version of iOS
When it comes to the current debate on data security, the key phrase to bear in mind is End-To-End Encryption. This is a name for a method of secure communication that stops third parties accessing data while it’s being transferred from one party to another. If you send a Whatsapp message to a friend for example, the data is encrypted until it reaches your friend so that anybody looking to intercept it will be unable to interpret it.
End-To-End encryption involves using cryptographic keys to decrypt data once it has been received by the end user. As it stands, these keys are stored on the end user’s device, meaning the company’s server, whether it be Whatsapp or iMessage, will simply transfer the data without decrypting it.
Any effort to transfer the key to the company itself would thereby essentially create a ‘backdoor’ into the user’s data. It is this which worries opponents of increased surveillance powers for authorities, as such legislation could mandate the existence of such a ‘backdoor’ to help investigations.
The Apple situation is similar, although not directly related to end-to-end encryption. In the open letter, Cook says the following:
This is a big deal because not only would it create a potentially devastating security threat for iOS users were it to fall into the wrong hands, it also sets what Apple calls ‘a dangerous precedent’ by establishing the government’s right to ‘reach into anyone’s device to capture their data’.
Is this whole thing different from the Snooper’s Charter?
Kind of but not really. The Snooper’s Charter is a name given to a series of proposed changes to British surveillance legislation. After facing a backlash upon its initial introduction, the reforms were reintroduced in the form of the Investigatory Powers Bill last year.
The Investigatory Powers Bill, a final decision on which is yet to be made, essentially makes it easier for British authorities to find out which online services someone has used by asking companies to retain ‘internet connection records’ for 12 months.
Related: What’s new in iOS 9.3?
UK Intelligence agency GCHQ was implicated in the NSA revelations
Although it does not give explicit authorisation for agencies to demand decryption of data, critics say it brings us closer to such legislation and opens the door for more aggressive powers which could compromise end-to-end encryption in the future.
In that sense, the debate is somewhat similar to the Apple vs FBI issue. Opponents in both cases are concerned about the wider implications of government intrusion on personal data and the potential for hackers to carry out potentially damaging attacks by exploiting backdoors.
Why should Apple oppose the order?
To use Tim Cook’s words,
Although the US government is insisting that the software would only be used once, in the case of the San Bernardino shooting, there are of course wider concerns about the precedent it sets and how Apple and the authorities would ensure the software was kept secure enough to prevent others from accessing it and using the ‘master key’.
As Cook explains:
From Apple’s point of view then, the court order is an overreach on the part of the Federal government; a solution that’s worse than the problem itself. By building this particular version of iOS, Apple says it would be creating a ‘backdoor into its own products’, opening the door to further overreaches from government on the one hand, and large-scale hacking attacks on the other.
There’s also the issue of whether other governments will be able to demand the same right as the US government. If Apple agrees to let the US government overrule data safeguards, other governments such as China would likely demand similar rights.
But wouldn’t it be easier to comply?
In the initial court filing, prosecutors said Farook’s iCloud account suggested Syed Farook was communicating with victims prior to the attack, and that phone records indicated he used the iPhone to contact his wife and co-perpetrator Tashfeen Malik.
The FBI says that the new version of iOS is required in order to acquire all the evidence and carry out the investigation in full.
Related: iOS 9 tips and tricks
Investigators say Apple must help them unlock an iPhone beloging to one of the San Bernardino shooters
Last week, FBI director James Comey spoke to the Senate Intelligence Committee about how tech companies can help with criminal investigations, citing the San Bernardino case in particular. Advocates of increased surveillance powers, such as Comey, say that security features can often undermine the rule of law, and that more powers are needed to ensure investigations can be carried out effectively.
Comey also highlighted the extent to which issues with encryption affect every level of law enforcement, saying “it affects our national security work, but overwhelmingly this is a problem that local law enforcement sees”.
Last year the head of the National Security Agency, Adm. Michael S. Rogers, suggested the creation of a ‘digital key’, the type of which Apple has this week vehemently opposed. Rogers’ solution to the issue of creating a ‘backdoor’ was to divide the key into pieces to ensure that no one agency or company could use it by themselves.
Related: iPhone 6s
FBI Director James Comey says encryption is hampering law enforcement at all levels
Whether or not this is a practical solution, it shows that the issue of encryption hindering investigations is taken seriously enough by those in high-ranking government positions that the debate is sure to continue for some time. In that sense, although Apple may refuse to comply in the San Bernardino case, this certainly won’t be the last time they, or any other tech firm, will have to face the issue.
What does everyone else think?
Of course, there is one source which has been particularly vocal about Apple’s dilemma, and that, source is of course, the internet. Some have voiced their support for Tim Cook’s defiant challenge:
Related: iPhone 6S Plus
While others are not so pleased with it:
And some are simply in awe of Apple’s refusal to comply: