The Encryption Debate

On December 2nd, 2015, 14 people were killed in a terrorist attack in San Bernardino, California. The FBI seized an iPhone 5C which may contain information crucial to the case, and obtained a court order requiring Apple to create a version of the iPhone operating system to bypass security features and access the data.

Pro Government

First let’s consider the proposed course of action from the U.S. government. When examining the morals and ethics of their actions, it’s important to understand the responsibilities of the state and how this drives their narrative. The FBI believe the seized iPhone may contain information that is critical to the case at hand and may possibly lead to other terrorists/terrorist organisations; based on this assumption the government has a moral responsibility to pursue this line of action to protect its citizens from further harm. A simple thought exercise can illustrate this point: if the iPhone contains the information the FBI believes it to hold, is preventing the access of this information morally justified if it can lead to the prevention of more attacks? If this is the case, would Apple still reject the court order? If they would, then it can be argued that they are endangering people’s safety and security and would be held accountable if such an attack was carried out. However, it is likely that they wouldn’t, in which case the action taken by the FBI and U.S. government is the right course of action to pursue.

From the court order presented to Apple at the FBI’s request, it’s clear that what is being asked of Apple and the means by which it will be achieved (laid out in point 2. in the document) are reasonable and completely achievable. Apple themselves acknowledge this in their public statement, but claim that the issue is much bigger than the case at hand. Is their stance genuine? Apple has a history of compliance with other data requests including unlocking iPhones 70 times since 2008, not including the assistance already provided in this specific case for their iCloud service. It can then be argued that, given these points and the high-profile nature of the case, Apple is using this case as a means to build on their public image as they are currently experiencing declines in profit, valuation, and investor confidence.  They are receiving fairly favourable coverage from some elements of the media and are framing their stance on the issue of standing up for privacy and security. Is Apple putting its business interests before the security of the U.S. population? Are they disingenuously stopping the U.S. government from performing its moral duty to protect its citizens?

The FBI’s statement on the issue clearly addresses and acknowledges some of the concerns that have been raised in opposition to their actions, whilst raising an important point that this case is a part of a continuing effort to balance privacy and security in our technology driven world.

Pro Apple

On the contrary Apple is protecting the main stakeholders from their viewpoint; their customers. Whether their decision is a moral standpoint or purely strategic, it’s in the best interests of Apple customers worldwide that private information stays secure. Apple has no formal framework to evaluate their moral responsibility when it comes to disclosing private information, instead this decision is based on the informal framework of common sense. As stated they have previously been compliant with subpoenas and search warrants for data, so what makes the proposed tool such a troubling precedent?

The iPhone in question is a model 5C. Previous tools developed by Apple to assist the government could simply bypass the lock screen as data was not encrypted. Since releasing devices with the A7 processor, data is only unencrypted when the lock screen passcode is combined with a key embedded in a separate computer inside iPhones – the secure enclave – which is why the tool is a necessity.

In essence, the order is asking Apple to do is go back on the security advancements made over several years in order to protect customer data. As Sundar Pichai, Google’s CEO stated in a series of tweets, “[complying with valid search warrants is] wholly different than requiring companies to enable hacking of customer devices & data.”

The US government has fed off of the magnitude of the attack and the fear it induces to mislead its citizens into a decision that is not fully understood. If such a tool is created for this case, a precedent is set for the FBI’s right to force the hand of commercial organisations. Last year Obama criticised the Chinese government for a proposed law that would mandate foreign companies into providing an encryption key for all devices sold in China. The governmental order would almost certainly prompt China and other authoritarian countries to make similar demands of Apple. In doing so it’s expected that data breaches by countries such as China and Russia should increase, something the US government considers to be a major national security threat. Should the creation of such tools be forced, where do the limits of government’s demands end?

iPhone models 6 and above require fingerprints as an additional security layer. The sensors are paired on the device-level such that one iPhone will only work with one TouchID sensor. Should the FBI require access to newer devices, could they demand Apple lift this measure set to protect data? By examining the possible ramifications of the proposed tool it can be seen that the argument boils down to whether the FBI should have the authority to force Apple to go back on security engineering developments they make. If encryption is designed to keep people safe and is taken away from the public, then who is left to utilise it but governments and criminal organisations?

The above image shows public opinion in the UK is in favour of the FBI’s actions, as well as this article on U.S. opinion. Who do you side with?

58: Ryan Dignum, Matthew Lister, Richard Berry, Jake Jones

Advertisements

7 thoughts on “The Encryption Debate

  1. As any story there are two sides and my opinion on these sides is a confusing one, as I agree and disagree with both.

    Because of the current situation looming over us worldwide we need to feel some form of safety. And if this means that an iPhone can provide information on current plans for the next terror attack surely there would be no question in this. But in my opinion, I can also see what Apple are saying, they want to stick to what they had promised. And this is a where I’m stuck in a decision. As a young woman living in London, knowing full well that one day a terror attack may happen around the corner from me quite frankly scares me and I need to know that the government/FBI are doing something about this. I need to feel safe. And if this means breaching the apples said rules then I think, in my opinion, it should happen!

    I know we then have a problem with whom do we give permission to, to enter the information on an iPhone in an investigation. Surely they have the common sense to know that if this information helps protect the lives of the public, not only in Britain but worldwide then we should go right ahead.

    But does this mean as soon as those gates are then opened our personal security with Apple is something to then worry about? Because as someone who does have an iPhone I’m already aware that Apple isn’t exactly secretive with the information on the phone. For example, they can send my information to all different companies, like Facebook. And this is something I don’t agree with and, therefore, means I don’t have Facebook on my phone.

    My conclusion to my opinion on this matter is as follows; yes I think this specific phone should be unlocked by Apple but I would like a rule set where I as a normal iPhone user I would feel at easy that my phone and personal information is safe.

    I think public safety is a big word here. The public wants to be safe. And what is the best way to do this? Surely that is the next question we need to ask.

    Like

  2. While not approving of Government prying in general, I do feel that they have the right to gather relevant information on criminal activity of any nature. Given that the individual concerned had engaged in a murderous activity (terrorism is suspected but not proved) then it is entirely legitimate for the Government to acquire information which might prove the motivation of the individual and also be a means of stopping further similar attacks. While Apple should insist that any requests for such information have the relevant legal safeguards currently in force for phone tapping, for instance, I feel that they are putting lives at risk by not co-operating with the Government and should reconsider their position.

    Like

  3. I think when it is in the public interest and especially when many lives could be at stake, Apple should have a back-door mechanism that they could be forced to use. This should be restricted to a very small group of Apple employees. It should not be possible to make this mechanism available outside the company so it could not be passed to others. I would not like this back-door to be available to law enforcement officers as there is too much potential for abuse – like the RIPA act in the U.K.

    Like

  4. As an iPhone user I can understand Apple’s thinking, not just in terms of it possibly then setting a benchmark for what information organisations can demand access to, but strategically the case suggests or shows how secure their devices are and that can only give their customers confidence in their products. However, this shouldn’t be about them protecting their brand image, it’s about a terrorist attack and the safety of the public now and going forward. Therefore, if as this post states, all Apple need to do is revert their encryption software back to a previous version in order for the FBI to access the information required on the phone; then I think public safety has to be their primary concern and they should cooperate with the FBI’s investigation.

    Like

  5. Hmm, after much thought I’m with Tim Cook and Apple on this one. Why? Well, firstly the wording of the FBI request is telling, I’d be more sympathetic to their request if they’d simply asked Apple to deliver information held on the device however they’re asking Apple to make it easier for the FBI to unlock the device. If Apple were to do this then it reduces the integrity of their product and individual user security and privacy. You might argue this is the collective price we have to pay to guard against threats to national security and terrorist atrocities but I don’t doubt that if Apple comply then terrorists etc will find an alternative way to encrypt communications leaving us no better off in terms of national security but potentially worse off in terms of security of personal information. Additionally I can see this as the start of a slippery slope, starting with “to protect national security” but before long it’ll be for “matters of public interest” which in effect means that anyone’s personal information can be accessed. It’s tempting to focus on the short term implications and the aspects of this specific case but in my view the FBI’s goals can be achieved without eroding our individual right to personal privacy.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s