On December 2nd, 2015 a mass shooting, later discovered to be a terrorist attack, was carried out in San Bernardino, CA. leaving 14 dead and dozens wounded. At the center of these attacks is the iPhone 5c of one of the shooters which the FBI has been attempting to access but is password protected. On February 16th a federal court ordered Apple to help the FBI unlock the phone but Apple’s CEO Tim Cook published a letter to customers explaining that Apple intends to challenge the court’s ruling citing reasons of privacy and what kind of precedent such cooperation would create for future cases. Although the FBI strongly affirms this would be a one time thing, Apple likens this request to the creation of a ‘back door’ to their softwares’ encryption.
If Apple were to comply, many feel the precedent created would make for not just a flood of similar requests at all levels of government, but open the door to non democratic governments (like China) demanding access to the “back door” encryption to spy on its citizens. If this were the case, Apple would be responsible for the creation of secure encryptions ensuring customer privacy, only to turn around and undermine said encryption when pushed by governments to do so. These are strong enough grounds, in Apple’s mind, to file for the appeal. However, the present circumstances are an investigation into a terrorist attack carried out on American soil. From the FBI’s perspective, they are doing everything they feel necessary to thoroughly investigate this case and will not simply let the phone sit idly if there is a possibility it contains information sensitive to the case. If they do not attempt use every resource available to thoroughly investigate this case, they would be performing a disservice to victims and their own case. They have recovered much of the data from the shooters iCloud backup but there are several weeks of missing information from the last backup to the day of the shooting.1 The FBI is also contesting Apple’s statements of what was specifically asked of them to provide. Apple is claiming the FBI wants a ‘back door’ into the iPhone, that is, the ability to access any iPhone which would set off the possible series of events trampling civil liberties. Investigators say they are only asking for access to the phone, that is, a means to run thousands of numerical combinations on only the shooters phone, known as the ‘brute force’ hack, without the security feature kicking in that wipes all information after 10 incorrect attempts at unlocking the phone. These are two very different scenarios but require further exploration through current legislation. The vendetta is differentiating when civil liberties are in jeopardy due to an unlawful request, as Apple claims, and when requests from federal agencies are lawful and limited, as the FBI claims, specifically when there has been cooperation in similar instances before.
The FBI has cited the All Writs Act, a law passed in 1651 as the grounds for their request. The Act states, “[t]he Supreme Court and all courts established by Act of Congress may issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law”. Or that courts can compel companies and individuals to help carry out the means of an investigation through writs (which are written orders issued by the court, such as a warrant). In the case of the United States v New York Telephone Co. in 1977 the court established three conditions under which the execution of search warrants by a third party (company or individual) are to be executed:
- The third party’s involvement cannot be so unconnected to the case so that making the request is unreasonable.
- The request cannot put an ‘undue burden’ on the third party.
- The assistance of the third party must be necessary for the warrant to be executed.
Much was made of the FBI citing a 227 year old law in modern time but the fact is this law is constantly referenced without any problem, more specifically 70 times before with regards to Apple, which begs the question how were those instances any different than recent cases? During a case in New York in 2015 (unrelated to the terrorist attacks), the courts again asked Apple to unlock a phone in question during a criminal investigation but Apple skirted around it, citing the Communications Assistance for Law Enforcement Act (CALEA) the law that “requires telephone companies to preserve law enforcement’s ability to wiretap”. A summary of their claim is as follows, “Apple claims that as an information service provider, it is expressly excluded from CALEA [because they are only named, not ordered to assist under the law], which only applies to “telecommunications carriers.” Therefore, the company argued, All Writs [Act] cannot apply [since there is no gap in the law for All Writs to expand into]”. They also claimed that under CALEA they are simultaneously defined as something other than a ‘telecommunications carrier’ in which case they are excluded from being forced to cooperate. Apple used CALEA to justify that there is no gap in the law for All Writs to apply and that the existence of CALEA and its definition of Apple protects them from any sort of cooperation. Let us then conceed that All Writs cannot apply to Apple and that CALEA protects them in the current legal climate. The alternative would then be both sides working together to draft a specific legislation so that Apple can ensure the FBI and other intelligence agencies requests are limited and that customer privacy and civil liberties are protected. This is, after all, a terrorist investigation. But Apple is at the forefront of opposing legislation both in the U.S. and abroad in this regard. So it appears as if Apple is skirting around the application of laws in a circular manner:
- The request is unlawful.
- Cooperation could create a dangerous precedent and a flood of requests they would then have to abide by, specifically requests from non democratic countries.
- Using current legislation as a means to create a zone of immunity for themselves.
- Are also preventing any legislation specifically aimed at the issue of encryption on the grounds of user privacy.
If in fact the FBI are only asking for a way to ‘brute force’ hack into the shooters phone and only the shooters phone, are open to the process occurring on Apple’s premises, and that the encryption can be destroyed as soon as the information is acquired, then in my eyes Apple can fulfill that request while protecting the security and privacy integrity of its users at large without the need for specific legislation. CEO Tim Cook’s letter addresses that Apple is putting up this fight “challenging the FBI’s demands with the deepest respect for American democracy and a love of our country”. But as our source from the Lawfare Blog poses, “We will leave for another day the question of whether a multinational corporation with shareholders and customers worldwide and production in China, is meaningfully capable of patriotism, let alone love”. Apple should comply with investigators in the limited capacity which they are being asked without the need for more specific legislation as the expressed scope of the FBI’s request is already limited.
