The NY Times published an opinion piece today on the confrontation between the US government and Apple over the forensic access to the encrypted data on Syed Farook’s cell phone – Farook being the perpetrator of the San Bernardino attacks in solidarity with ISIS.
The bug-a-boo raised by Apple is that if the accede to the US government’s request, a legal precedent will be established that will allow any government to demand that Apple assist in unlocking the contents of a cell phone. Included is that suggestion that any hack provided by Apple could make it into the wild, allowing anyone to unlock the data on any cell phone.
Let’s be specific about the details: the iPhone has a security feature that automatically erases all of your data if you fail to enter the encryption password correctly some number of times in a row. Now this is an interesting feature – Allah forbid that you should forget your password. It would seem that it would be in the interests of the owner to have some recovery mechanism. And after the incident, obviously the US government has legal possession of the phone. So why, as the owner, can’t it recover the data it owns?
The op-ed once again raises the specter of Edward Snowden, claiming that Snowden demonstrated that the government was spying on US citizens. As I recall, Snowden did nothing of the sort – what he showed is that the US government placed inadequate controls on access to surveillance systems by unauthorized subcontractors.
So I find it disingenuous that Apple refuses to assist the government with its investigation. Apple doesn’t have to release any code to the government – it could take the cell phone into its facilities, apply the patch, and provide the government with the data. Obviously, this is something that it can do currently for anyone, given sufficient inducement. Is the US government really out of line in its demands?
Being that Apple is big and bad enough to stand up to the US government, obviously it believes that it can stand up to the Chinese government. Or could it? Let’s say that China threatened to terminate production of iPhones in China if Apple didn’t break the encryption on a dissident’s cell phone. What would Apple do? Given that the principal driver for Apple’s stance is profit (which is why they outsourced to China in the first place), it might actually be that Apple would simply cave quietly behind the scenes.
Which is another open question: the big data services collect huge amounts of information on their customers. What do they do with it? Frustrating the government’s request to have access to data it owns is an amusing diversionary tactic. While Microsoft has large corporations looking over its shoulder, nobody monitors Apple’s use of your data, nor Google’s use. Shouldn’t we be demanding some oversight?
I would be less skeptical of Apple’s motives if Cook was willing to recognize that there is a legitimate concern regarding information secrecy. I might argue that attempts to strengthen safeguards in the aftermath of the judge’s order is tantamount to aiding and abetting. If Apple clearly stated an ethical position, with guidelines regarding the conditions under which it will cooperate with governments to recover data, then I think that they would further the debate. As it is, I am afraid that he’s pandering to those that have good reasons for wanting to keep secrets – the criminal set.