As you’ve probably noticed, Apple and the FBI have been involved in an almighty altercation over government access to an iPhone used by suspected San Bernardino terrorist Syed Rizwan Farook. The FBI, backed by the White House, wanted access; Tim Cook and Apple said no. That’s the case in a nutshell, but understanding the details involves a much deeper look at the encryption built into iOS and laws regarding privacy and terrorism in the US.
Firstly, it’s important to understand that not all versions of iOS are the same as far as encryption and user security are concerned: since iOS 8, Apple has been making a concerted effort to make the data stored on iPhones unrecoverable, even by Apple itself. In other words, even if Apple wanted to get the data from your device, it wouldn’t be able to.
Which brings us to the FBI’s request. It wanted the US courts to compel Apple to create a new version of iOS – dubbed “GovtOS” by the Cupertino company – to pull data off Farook’s iPhone 5c, which had been issued by his employer. For a variety of reasons, including the fact that local law enforcement officers had already reset Farook’s iCloud password, there was no other way to get at the potentially useful data on the phone.
Apple insisted it couldn’t create a backdoor into iOS without compromising user security and making data vulnerable to future surveillance from government agencies or unauthorised hacks by third parties. The FBI, meanwhile, took the stance that a one-off, carefully monitored software modification would provide invaluable information for its ongoing terrorism investigation.
In a remarkable open letter to customers posted on the web, Apple CEO Tim Cook stated his company’s case: “For many years, we have used encryption to protect our customers’ personal data because we believe it’s the only way to keep their information safe”, he wrote. “We have even put that data out of our own reach,because we believe the contents of your iPhone are none of our business. “Some would argue that building a backdoor for just one iPhone is a simple, clean-cut solution,” Cook continued, echoing the stance that the FBI took. “Once created, the technique could be used over and over again, on any number of devices.
In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks – from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
The FBI had its supporters, including the frontrunners in the US election race. As for the current White House incumbent, Barack Obama refused to comment on the specific Apple vs FBI case, but said: “You cannot take an absolutist view on this. If your view is strong encryption no matter what and we can and should create black boxes, that does not strike the balance that we’ve lived with for 200 or 300 years. And it’s fetishising our phones above every other value. That can’t be the right answer.”
Of course this adds new fuel to a debate that has raged since Edward Snowden went public with NSA files in 2013: how do you strike a balance between protecting the privacy of citizens while making sure terrorists and criminals can’t communicate without detection?
There’s no easy answer, and in the end there was no clear winner in the Apple vs FBI debate. Just 24 hours before the lawyers’ day in court, the FBI found assistance from an unnamed third party, which meant Farook’s data could be recovered without Apple’s help. There have been no disclosures as to how it worked, but ultimately GovtOS wasn’t required – not this time, anyway.
After the spilling of so many words and opinions on both sides of the fence, we’re not much further on than we were before. Apple is committed to making future versions of iOS as impenetrable as ever, and you can bet that the engineers in Cupertino are working hard on an operating system the FBI and other agencies can’t get into.
Meanwhile, you can be equally sure that the FBI, the NSA and their equivalents across the globe are going to push just as hard in the other direction, asking for help from the likes of Apple and Google to make sure the bad guys can’t
fly under the radar as far as phone data goes. We thought that the San Bernardino case could be the defining moment in the argument, but it seems we’re still waiting for it.