The FBI wants Apple to unlock an iPhone 5c that Syed Rizwan Farook, one of the two terrorists who killed 14 at San Bernardino in December, used — and a California court has ordered the company to comply. Apple has said no — citing wider issues that affect everyone. SHRUTI DHAPOLA explains. (Read full order here)
What has the court ordered?
United States Magistrate Judge Sheri Pym has asked Apple to provide “reasonable technical assistance” to investigators — which means help bypass an auto-erase function that gets activated when the wrong pin or password is entered for a fixed number of times; allow FBI to submit unlimited passcodes via a computer, a programme or whatever protocol they determine; and ensure that the Apple software doesn’t purposely add any additional delay between password attempts to unlock the device. Apple is also required to load a specific iOS recovery file on to the device so that FBI can recover the passcode. This version of iOS will ensure that the auto-erase function doesn’t get enabled. FBI basically wants to ensure that it doesn’t spend an indefinite length of time trying to unlock this iPhone.
Why is Apple refusing to comply?
CEO Tim Cook has written ‘A Message to Our Customers’ saying the government’s demand and the order have “implications far beyond the legal case at hand”. The order, Cook has said, basically tells engineers who’ve worked to ensure that the device is secure and encrypted, to now weaken those same protections. This, according to Cook, allows FBI a backdoor entry into the iPhone, sets a dangerous precedent, and puts consumer data at risk from hackers and cyber criminals.
But isn’t Apple supposed to hand over data when required by law?
Apple has said that it has already helped the FBI to the extent it could. Its problem is with being asked for a specific version of iOS to unlock the device. FBI wants to use what Tim Cook calls “brute force” to get access, something current encryption doesn’t allow. And it’s this encryption that Apple doesn’t want bypassed.
So what is Apple afraid of? It’s only one iPhone, isn’t it?
According to Cook, breaking encryption means breaking consumer trust, and putting their devices at risk from hackers and criminals. Breaking encryption once opens a Pandora’s box. Tomorrow, other governments could ask for access too, and it might not just be in cases of terrorism.
Smartphones contain enormous amounts of personal data, and giving governments access means Apple would be giving up control over how this data is secured, something that no tech company wants. Be it Apple, Google or Facebook — all have very large user bases, and they would all be similarly concerned.
But why can’t FBI build this software on its own?
The iPhone is designed to run only iOS software created by Apple. For the phone to recognise that the software was made by Apple, the company must sign each piece with an encrypted key to verify it. So, even if the FBI tried to build a new version of iOS, it would not have Apple’s crucial signature.
There is, of course, a lot of data available that does not require Apple’s assistance in unlocking the phone. The FBI could ask Verizon, the cellular carrier by which Farook’s phone was serviced, for example, or the developers who created the apps for the phone. But FBI has probably already pursued those avenues — and realised that some data is simply not accessible without Apple’s intervention.
Can Apple challenge the order?
Yes. The order says that if Apple finds compliance unreasonably burdensome, it can challenge it. Given contents of Cook’s letter, it’s likely that Apple will appeal.
What does the rest of Silicon Valley have to say about this tussle?
Cook has found support from Google CEO Sundar Pichai, who tweeted saying that companies give “law enforcement access to data based on valid legal orders, but that’s wholly different than requiring companies to enable hacking of customer devices & data”. This, Pichai said, could be the start of a “troubling precedent”.
WhatsApp CEO Jan Koum also posted in support of Apple’s letter, saying that they must not allow a dangerous precedent to be set.
For tech companies, the order challenges the heart of their business: How they keep their data safe and secure, from governments and rivals. Indeed, Apple’s biggest worry is about setting a precedent for similar requests in the future, from the US and other countries.