The current dispute between Apple and the FBI amplifies the ongoing debate between U.S. tech firms and law enforcement agencies about encryption. At issue in this case is how to access an iPhone that belonged to one of the people responsible for the San Bernardino shooting in December 2015. The FBI wants to access the phone as part of their investigation into the attack, but they cannot because the phone is protected by a password, and the phone will delete its data if the wrong password is entered too many times. As a result, the FBI has requested that Apple create a way for them to circumvent this security feature – a request that Apple has adamantly refused. The clash between the two parties is being played out in federal court, but both parties are also trying to convince Congress to weigh in on the issue.
The FBI has been able to make a sound argument for why it should be given access to the phone in question. First, the investigation into the San Bernardino shooting is within the purview of the FBI, and the iPhone in question is a significant piece of evidence - its contents could be enormously useful for countering other terrorist threats in the U.S. Second, the All Writs Act gives the government the authority to request that firms assist in accessing information that is relevant to an ongoing investigation. Third, the iPhone in question belongs to the city of San Bernardino, and they have consented to allow the FBI to access the phone. Therefore, the FBI has the authority to make the request, a legal foundation upon to base it, and the consent of the phone’s owner – in any other case that would be more than sufficient. However, the iPhone is both password protected and encrypted, and that is the crux of the current issue.
The problem is not that Apple doesn’t want the FBI to access the device; it is that in doing so, Apple maintains it would compromise its own security systems. Apple’s resistance to the request has three primary points. First, creating a way to work around security features for encrypted devices produces vulnerabilities that could be exploited by bad actors and could therefore make any such device less secure. Additionally, Apple argues that acquiescing to the FBI’s request would make it more difficult for Apple and other tech firms to deny a similar request from foreign governments. This could have an adverse effect on both the security of the U.S. and the competitiveness of U.S. tech firms in the global market. Finally, Apple also makes the argument that implementing a method of circumventing its own security features constitutes an undue burden for the company, and that mandating such an action is not within the FBI’s legal authority.
The legal question is forming the centerpiece of this iteration of the encryption debate. Apple is shaping the narrative around this case in terms of the precedent it would set, and what that could mean in the future. The concern is that this case is the first step onto a slippery slope that would lead to a loss of privacy and an increase in surveillance that would be at odds with the civil liberties to which all Americans are entitled.
For their part, the FBI is arguing that their request is not about gaining an advantageous legal precedent but rather focused on a single case, with a single and specific purpose. The FBI is not alone in making that argument. Bill Gates has agreed that the limited focus of the FBI request is insufficient to form any kind of binding legal precedent. In either case, the outcome of the current legal challenge will have a profound effect on both the development of consumer technology and counter-terrorism efforts.
Luke Penn-Hall is the Cyber and Technology Producer at The Cipher Brief.