Here are some questions I have about this interesting matter that Google hasn’t been able to resolve for me. If anyone has the answers, please let them rip in the comments:
1. Why can’t the FBI/NSA write a new Operating System for the iPhone themselves, and then use it to brute force open the phone in question.
2. Why should Apple be above the law: doesn’t everyone have to use their best efforts to comply with a valid search warrant?
So far as I can tell, the key issue here is Apple’s claim that the government shouldn’t have a master key to everyone’s iPhones. But that’s absurd: the government has access, if properly warranted, to everyone’s real homes according to the constitution, so why shouldn’t it have access to their digital homes as well. The key point is that the government has to have a warrant — a requirement that it recently ignored and lied about, as revealed by Edward Snowden and others. This reality, it seems to me, has made many people lose confidence in US law as a guarantor of their rights in this area.
to question 1: probably because enough of Apple’s OS is proprietary that the FBI/NSA doesn’t have enough information? Total guess.
To question 2: a search warrant lets the gov’t look for stuff that exists. But if, as Apple claims, the software to do what the gov’t wants to do doesn’t actually exist, a typical warrant wouldn’t require them to create it. Also, the iPhone in question isn’t Apple’s property, nor is the information on it.
1. The operating system needs special drivers – rewriting the OS is theoretically possible, practically impossible.
2. What David said. Apple can be compelled to provide info they already have to the Government, but Apple argues it can’t be compelled to write code.
Still the judge required them to do just that, by writ of assistance. There is precedent for this, and I think the court order will stand.
But the real issue is that Congress should have passed legislation long ago governing this type of situation – when a phone device must be decoded for law enforcement needs. From my perspective, as long as the request to decode call or email information is non-secret, is by court order, and can be appealed, cell phone companies should be obligated by law to provide the requested information. This means their design needs to bake in the possibility that this information may be requested by a court.
Moreover, the code they are being compelled to provide would need to be certified and released as a forensic instrument. It’s an unreasonable request.
It turns out that Apple implemented some very robust security features in the new iPhone, and I applaud them for it. Good security means nobody but the user has access, not even the manufacturer, and that’s how it should be. Any legislation that congress can pass or has attempted to pass on this topic would be harmful to everyone’s security.
(FWIW I am not usually a fan of Apple and do not use their products.)
Because the 4th Amendment allows searches with warrants. I agree the writ of assistance aspect of the matter is interesting.
No one can see it, even if they see the box on the bookshelf. Does this mean that my information is “unconstitutional”? I don’t think so!
I believe you should add some qualifications to that claim.
I have watched the conservatives argue for many years that the constitutional right to privacy does not exist, but never expected to see it from the left.
The problem is that once a key exists, then everyone has it, and it can be used at any time.
That you guys trust Dick Cheney to keep the key secret, and only to use it with a warrant, is shocking. Is the only reason you opposed the Bush administration that they weren’t Democrats?
There is a right to privacy – but the FBI needs access to phone calls, emails, communication of drug dealers and terrorists.
This is not something unreasonable that the FBI is requesting. It’s just that their legal ground is shaky, because Congress could not get its act together and pass legislation clarifying all this.
I think the issue is far deeper than this.
In my view, the “need” of the FBI (or any other government agency) is driven by the purpose, relative value, and consequential damages associated with the desired access. It is not fundamental in the same way that our right to privacy is fundamental.
This request is perhaps reasonable. If so, then the “Sorry, we can’t do that” response from Apple is also reasonable.
The reason Congress has been rightfully slow to act is that the issues involved are deep, thorny, and enormously complex. So much so that I would argue this an area where today’s technology and culture — never mind tomorrows — has gone FAR BEYOND the domain that our Constitution addresses.
We literally don’t know what to do here. None of us. Not congress, not the FBI, not the Democrats, not the GOP, not you, and not me.
In my view, that’s the reason why we should proceed slowly, communicate a LOT, and be very clear about what factors are actually driving our decision-making and our opinions.
Yes, we know what to do. Apple needs to cooperate with the FBI to unlock the San Bernardino phone – and this should be captured in legislation, rather than through shaky-grounded court case law.
and it’s not the law until Apple exhausts its appeals.
All the laws are analog, and the phone is digital. To me that’s what it seems to come down to.
Apple sells the phone, as a delivery device. Everything on it, including the ability to call people, is a separate service. Originally iPhones were ALL AT&T, to the consternation of some customers. I don’t know if this is still true.
The corporate side of this is sort of interesting. Apple didn’t do it alone, but they are the most visible symbol of the the mobile world that is, um, “disrupting” everything else. Sony Music, for example, sells far fewer CDs because of streaming. One can almost hear them thinking “Where was Apple when we got hacked?”
But forget them for the moment. People use their phones in ways Apple never imagined. Twitter, for example, has exploded. Twitter can be pretty intense; people form strong relationships. Some of those people need/want privacy. But no one ever promised that.
Really the best comparison I can think of is someone requesting the entire BMG archive — e-mail addresses, etc. And they want BMG to build a way that the FBI can access the data whenever they want. So, as a BMG user, I can manage that pretty easily (I am loud, people can find me if they want).
But for many people, their phone is a lot more than their phone. This case raises a big question.
One smaller question I have: Will courts recognize the place phones have taken in society?
There is a important distinction on which this whole mess may turn. To stick with your example, with an appropriate showing, the government can subpoena (with a warrant) the BMG information. Because the information is in the possession, custody, or control of BMG’s editors, it would have to be produced. If they need a PW, they can put an editor in the grand jury, and get by oral testimony the PW; if they need to access the information electronically, they can get it from the website hosting service, or the editors. Concerning the terrorist’s phone, they cannot get what they need with a warrant. First, the government already has the piece of hardware, because they seized it (by warrant, or incident to arrest); second, the information cannot be had by way of a warrant to some other party, for example, apple, because it doesn’t have possession of the information the government wants. Rather, the government needs apple to do something, as opposed to turn something over to the government. So the government used the All Writs Act to try to force apple to build something (code) that the government cannot build itself, in order to access protected information. Although the media has been portraying this as a 4th A. constitutional issue, it’s really a question of statutory interpretation, and perhaps a question of whether the All Writs Act is itself constitutional in these circumstances. It’s fascinating.
If this goes to the Supreme Court and is “decided” 4-4—wow! This is one of those cases (like some others in the criminal context) where Scalia might well join with the liberals in holding that the 4th A. sets forth the means for search and seizure, and Congress lacks the power to legislate that frame work.
n/t
Thanks.
1.The iPhone will only run an OS that has been cryptographically signed by Apple. The FBI does not have Apple’s signing key. So even if the FBI could write the software, it could not install it.
2. This is not a search warrant case. It is an All Writs Act case.
The Government probably could hack the phone at the hardware level to preserve its contents until they can manage to crack it. Frankly, I would be shocked if the CIA/NSA did not already have this capability.
They don’t have the capability; it’s a very difficult technical problem. The engineering details are explained in an Ars Technica article.
The US government already sent a torpedo into the hull of the US cellphone industry once about this issue, when it demanded that cellphone providers use an encryption scheme that the government had a backdoor for. The result was that Nokia (a Finnish company, not subject to US demands) grew to dominate the cellphone world overnight. Americans rightly want our private information to remain private.
Our government now wants to rerun the same play. I’m not sure why anyone thinks the outcome will be any different. The impact will be to destroy America’s leadership in this industry.
This is another case where the “cure” is FAR worse than whatever “disease” it purports to cure. In my view, this is one of those situations where if current law allows the government to pursue this abomination, then current law is badly broken and must be repaired.
The feds have a whole list of phones they want Apple to break for them, and not for other terrorism cases.
are most curious what’s in that article.
As long as the requests come though a court other than FISA, and as long as the public sees each of these requests, I don’t see what’s the problem. The problem in the past has been that phones were tapped secretly, bypassing due process. It’s not the case with these requests.
Here is what amounts to a “retweet” of the WSJ article, and seems to cover the WSJ in fair if informal language.
And, surprise, NYPD wants Apple to manufacture a key, as well– even though this is “just one isolated case.”
Is it a surprise that law enforcement do not tell the truth?
No, it is not.
Thanks all – clearly, I have not been paying nearly close enough attention to this case. The All Writs Act aspect is fascinating, and seems destined for the Supreme Court. The matter strikes me as important enough that it should be resolved there.
I find it particularly relevant that this issue, in my view, is by construction outside the conceptual space of the framers of the Constitution. The issues involved here were literally not even conceived of until the past few decades.
This issue exemplifies why we need to instead somehow find consensus on the values and constraints that pertain to our constitutional freedoms today.
I think much depends on the roles we believe should be played by the Court, the Congress, and our Executive. If there is new conceptual ground to be plowed — and I believe there is — who does that plowing? Who determines the spacing, width, and depth of the furrows?
More importantly, who decides what we wish to sow in the resulting field, and how do we make that decision?
We will be living with this field and these crops for generations to come.
I’m of a different opinion, David. I hope this case will not go to the Supreme Court, will be solved on the narrowest grounds – to let Congress solve this through legislation for next time it happens.
The Supreme Court is not a good place to debate highly technical matters put forward in this case. None of the Justices, or the lawyers arguing before them, is an engineer.
I think that many are rushing to judgment on apple, and condemning them, when it’s really important to allow apple to exhaust its appellate rights on this issue. Using the All Writs Act to compel action is not SOP. Apple should be able to make its arguments to the 9th Cir., and the USSC if necessary. Also, there’s no exigency here. Whether the government gets access now, a month from now, or never, the damage has been done. And the argument cannot be that every one must help the government any time the government wants help. That’s not how this country works. People have protections from governmental interference.
The iPhone operating system is designed to resist unauthorized intrusion by parties who don’t have your private key. Since in this case the only person who knew the password is dead, we cannot ask him.
Otherwise, the phone is designed to require the passcode, just as a safe is designed to require a combination. If it didn’t, anyone could open the safe.
In this case, the “safe” has several safeguards. For example, if you try a bunch of combinations and get them wrong, the safe takes a timeout and won’t do anything for a short time. That’s inconsequential if you need to reenter your passcode once, or if your toddler fools around with your phone, but it means guessing the combination for an iPhone can be expected to take about ten years.
If you *really* don’t want anyone to see the papers inside your safe, you’d arrange that the papers would be destroyed if someone tried to open the safe improperly — by cutting it open, say, or by dropping it from the top of a skyscraper. The iPhone has a variety of protections like this.
The intent of the FBI request is to make strong encryption illegal. Simple as that.
One very strange aspect of this case, by the way, is that the whole problem arose because the phone’s owner — the Health Department — asked to reset the password after the phone was in custody. Nobody knows why they did this, but it complicated matters immensely.
Finally, while a search warrant gives authorities the right to search your home or office, I believe a warrant does not require you to do what you cannot readily do. You can be told to open the door to the attic, but I don’t believe you can be told to invent and build a crane that will transport the police to your roof.
I didn’t know that the password was reset after it was already in custody.
Some tech guy at the health department tried to change the password remotely, and the reset for whatever reason eliminated the ability to back the phone up to the could, from which they might be able to retrieve data.
That sounds a lot like the FBI left the thing on and connected to the cellular network, and that they didn’t bother to try to lock down the account, so that they tech guy couldn’t bumble around.
So, in reality, the FBI is asking Apple to manufacture a new OS, thus degrading the security of its existing OS on all of our phones, in order to fix the FBI’s screwup.
I wonder what would happen if the Apple engineering team (or any other) agreed to attempt this, gave it a “best effort”, and somehow were just unable to get the job done. This is, after all, a challenging demand. Many engineering teams for many companies have failed in their attempts to do many things that seem less complex than this.
What does the government do if Apple says “We assigned our best and brightest developers to this, they’ve done what they could, and they’re just not able to get it done”?
Oh, and of course such a project could only be STARTED after a lengthy and time-consuming set of exchanges to establish the requirements and parameters.
I think that, as a practical matter, it will be VERY hard for the government to force this to happen.
Apple can get the job done – the FBI is not asking a difficult thing, as embedded engineering things go.
Perhaps you missed the point.
You might think that Apple can get the job done. Proving that is, I think, a different kettle of fish. If Apple — or anybody else — makes an effort that is unsuccessful, I think it will be VERY HARD for the government to prove that said failure was intentional.
I suppose that Apple could, as a gesture of “good faith”, fire everybody involved because of their failure to fulfill the government’s demand. After all, isn’t that the usual way that an employer disciplines staff who fail to perform?
The government could, of course, attempt to build its own development team and compel Apple to provide that team with all the necessary documentation, source code, and so on.
The fact is that, at least within the constraints of civilized society, it is VERY HARD for a government to force individuals to do something they really don’t want to do. Forcing a man or woman with KNOWLEDGE to use that knowledge in a way that they object to is even more difficult.
Just how powerful do you want our government to be? Are there any limits to the authority of the government you envision?
Time it takes to an engineer to code the requested change – a few hours; time to load it on the phone – a few more hours.
I’m not disputing you.
I’m saying that you have to first find an engineer willing to do it. That engineer has to have sufficient knowledge of what’s there now to do it. The engineer has to know enough about the technology stack to test the change first, then somehow deploy it.
I’m saying that there have been MANY MANY far less complicated engineering jobs that, for whatever reason, have cost the requesting government agency an arm and leg to make happen.
I’m saying that PROVING the case you’re making here, especially if there are criminal penalties involved, is far more difficult than typing a comment on a blog.
… if it is “not a difficult thing”, the government could do it. If it is not easy, it’s not clear that Apple can. The conspiracist within thinks the government (NSA, not FBI) not only can do it, but probably already has, but either cannot go to trial with what has been done or just wants Apple to take the blame for the existence of a method with which to do it… i just really don’t think the phone itself, nor the data on it, is central to the impetus behind this issue: with all the meta-data and ancillary information (‘cloud’ syncing and other off-phone back-up…) I can’t imagine any single piece of data on this phone being so important as to require the full weight of the feds leaning on Apple to get at it.
No, the government could not do it, because it does not have the know-how, and it does not have access to Apple’s code, tools, and developer engineers.
… the government does have a whole lotta know-how in this regard. But, be that as it may, Apple’s IOS is derived from BSD Unix (it’s present offering is a fork of Darwin whose source code is all available) and other variants of UNIX which is readily available. IOS is not a complete black box to the government.
Apple also releases SDKs and xcode and it’s own development language, swift, for development.
Apple used to styled itself as a hardware company forced to make software to prevent dilution of the hardware brand. That may no longer be true, but a great deal of the software innards of their hardware is readily available.