Apple v. FBI – Part I

The recent controversy between Apple and the FBI has attracted a good deal of attention among the talking classes. Some of the best coverage came from Fortune, who ran this useful roundup of opinions. And, the PBS show, Frontline, ran this debate  between James Andrew Lewis, director of the strategic technologies program at the Center for Strategic and International Studies, and Nate Cardozo, a staff attorney at the Electonic Frontier Foundation. In Part I of this series, I will describe the background of the issue. Part II will offer some analysis.

The Government’s Request

The conflict between Apple and the FBI began on February 16, 2016, when a US Attorney applied to a federal magistrate judge for an order compelling Apple to assist the FBI in its investigation of a cell phone found in the black Lexus driven by Syed Rizwan Farook and his wife, Tafsheen Malik, the suspects in the December 2, 2015, massacre in San Bernardino, California. The subject device was owned by Farook’s employer, the San Bernardino County Department of Public Health (“SBCDPH). The government had seized the iPhone and had repeatedly attempted to obtain information from it. According to the supporting documents, the Supervisory Special Agent (SSA) handling the investigation of the iPhone believes that Apple has been providing assistance to the FBI by turning over iCloud backups of the phone’s contents. From these backups, it appears that Farook used the phone to talk with Malik between July and November 2015. And, he also used it to speak with some victims of the shootings. The SSA believes that

There may be revelant, critical communications and data on the subject device around the time of the shooting which has thus far not been accessed, may reside solely on the subject device, and cannot be accessed by any other means known to either the government or Apple.

According to the SSA, the requested assistance of Apple is to provide the FBI with a “signed iPhone Software file, recovery bundle, or other Software Image File (SIF) that can be loaded onto the subject device.”

The SIF would load and run from Random Access Memory (RAM) and would not modify the iOS on the actual phone, the user data partition or system partition on the device’s flash memory. The SIF would be coded by Apple with a unique identifier of the phone so that the SIF would only load and execute on the subject device. Since Apple’s software currently has the capability to query hardware for unique identifiers (serial numbers, ECID, IMEI, etc.), the SIF could be created to only function on the Subject Device, which would mitigate any perceived security risk to Apple iOS software. The SIF would be loaded via Device Firmware Upgrade (DFU) mode, recovery mode, or other applicable mode available to the FBI.

This SIF would allow the FBI to bypass the self-deleting procedure which the iPhone would initiate after ten unsuccessful attempts to enter the user passcode. This would allow the FBI to determine the passcode by sheer brute force.

According to the Washington Post, the need for this request was caused by a misstep early in the investigation:

In the chaotic aftermath of the shootings in San Bernardino, Calif., in December, FBI investigators seeking to recover data from the iPhone of one of the shooters asked a technician in the California county to reset the phone’s iCloud password.

But that action foreclosed the possibility of an automatic backup to the Apple iCloud servers that might have turned up more clues to the origins of the terrorist attack that killed 14 people.

“The county and the FBI were working together cooperatively to obtain data, and at the point when it became clear the only way to accomplish the task at hand was to reset the iCloud password, the FBI asked the county to do so, and the county complied,” David Wert, a spokesman for San Bernardino County, said in an email.

The magistrate judge’s order directing Apple to assist  came about a week after FBI Director James B. Comey told Congress that the bureau has not been able to open the phone. In testimony before Congress, he said: “It has been two months now, and we are still working on it.” He characterized Apple as refusing to comply with a search warrant.

Apple’s Response

Apple has promised to resist the Government’s motion.

In his letter to customers, Apple CEO Tim Cook characterized the FBI request this way:

We have great respect for the professionals at the FBI, and we believe their intentions are good. Up to this point, we have done everything that is both within our power and within the law to help them. But now the U.S. government has asked us for something we simply do not have, and something we consider too dangerous to create. They have asked us to build a backdoor to the iPhone.

He describes the SIF as asking Apple to “make a new version of the iPhone operating system.” He describes it this way:

Specifically, the FBI wants us to make a new version of the iPhone operating system, circumventing several important security features, and install it on an iPhone recovered during the investigation. In the wrong hands, this software — which does not exist today — would have the potential to unlock any iPhone in someone’s physical possession.

The FBI may use different words to describe this tool, but make no mistake: Building a version of iOS that bypasses security in this way would undeniably create a backdoor. And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.

The threat, Cook contends, is that “Once created, the technique could be used over and over again, on any number of devices.” As he explains,  “In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.” This has been described as a “backdoor” for Government to gain access to the contents of anyone’s phone.

The All Writs Act

The Government argued, and the magistrate judge agreed, that the authority for the order compelling Apple to assist the FBI investigation was found under the All Writs Act, 28 USC section 1651 (a)., which provides that “all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.” The Government argued that based on the authority given to courts by Congress under this act, the court can “require a manufacturer to assist in accessing a cell phone’s files so that a warrant may be executed as originally contemplated.” So, since the original search warrant authorized getting to private information on the subject phone, the court should, under the All Writs Act, have the authority to compel Apple.

Cook stated Apple’s concern about using the All Writs Act:

The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.

Their view is essentially that the magistrate court, which does not get its authority under Article III of the Constitution, but only by an act of Congress, should not have the authority to order what would, in Apple’s view, be a major change in the privacy rights of iPhone users, under an act that simply gives authority to issue writs to aid in the compliance with search warrants. A more full-throated analysis of all relevant issues is needed.

The Trump Moment

Campaigning in South Carolina, Republican Presidential Candidate Donald Trump weighed in against Apple. At a rally in Pawleys Island, Trump said: “Boycott Apple until they give up the information.” He characterized the dispute this way, “The [subject] phone is owned by the [San Bernardino] government….Tim Cook is looking to do a big number probably to show how liberal he is. Apple should give up.”

Later, in a telephone interview, he added “Tim Cook is living in the world of the make believe…. I would come down so hard on him — you have no idea — his head would be spinning all of the ways back to Silicon Valley.”

Neither Apple nor the Government has commented on Trump’s boycott. None of the other presidential candidates have commented on this controversy.

 

Advertisements

4 thoughts on “Apple v. FBI – Part I

    1. Here, the government is asking Apple to essentially provide a means for hacking their phone, so that cell phones will forever more be open to limitless search. That’s all data on the phone, which might include things typically not obtained so casually, like your health information, fingerprint, etc. And, it will set the precedent for giving access to any and all devices.

      Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s