On December 2nd, 2015, 14 people were killed in a terrorist attack in San Bernardino, California. The FBI seized an iPhone 5C which may contain information crucial to the case, and obtained a court order requiring Apple to create a version of the iPhone operating system to bypass security features and access the data.
First let’s consider the proposed course of action from the U.S. government. When examining the morals and ethics of their actions, it’s important to understand the responsibilities of the state and how this drives their narrative. The FBI believe the seized iPhone may contain information that is critical to the case at hand and may possibly lead to other terrorists/terrorist organisations; based on this assumption the government has a moral responsibility to pursue this line of action to protect its citizens from further harm. A simple thought exercise can illustrate this point: if the iPhone contains the information the FBI believes it to hold, is preventing the access of this information morally justified if it can lead to the prevention of more attacks? If this is the case, would Apple still reject the court order? If they would, then it can be argued that they are endangering people’s safety and security and would be held accountable if such an attack was carried out. However, it is likely that they wouldn’t, in which case the action taken by the FBI and U.S. government is the right course of action to pursue.
From the court order presented to Apple at the FBI’s request, it’s clear that what is being asked of Apple and the means by which it will be achieved (laid out in point 2. in the document) are reasonable and completely achievable. Apple themselves acknowledge this in their public statement, but claim that the issue is much bigger than the case at hand. Is their stance genuine? Apple has a history of compliance with other data requests including unlocking iPhones 70 times since 2008, not including the assistance already provided in this specific case for their iCloud service. It can then be argued that, given these points and the high-profile nature of the case, Apple is using this case as a means to build on their public image as they are currently experiencing declines in profit, valuation, and investor confidence. They are receiving fairly favourable coverage from some elements of the media and are framing their stance on the issue of standing up for privacy and security. Is Apple putting its business interests before the security of the U.S. population? Are they disingenuously stopping the U.S. government from performing its moral duty to protect its citizens?
The FBI’s statement on the issue clearly addresses and acknowledges some of the concerns that have been raised in opposition to their actions, whilst raising an important point that this case is a part of a continuing effort to balance privacy and security in our technology driven world.
On the contrary Apple is protecting the main stakeholders from their viewpoint; their customers. Whether their decision is a moral standpoint or purely strategic, it’s in the best interests of Apple customers worldwide that private information stays secure. Apple has no formal framework to evaluate their moral responsibility when it comes to disclosing private information, instead this decision is based on the informal framework of common sense. As stated they have previously been compliant with subpoenas and search warrants for data, so what makes the proposed tool such a troubling precedent?
The iPhone in question is a model 5C. Previous tools developed by Apple to assist the government could simply bypass the lock screen as data was not encrypted. Since releasing devices with the A7 processor, data is only unencrypted when the lock screen passcode is combined with a key embedded in a separate computer inside iPhones – the secure enclave – which is why the tool is a necessity.
In essence, the order is asking Apple to do is go back on the security advancements made over several years in order to protect customer data. As Sundar Pichai, Google’s CEO stated in a series of tweets, “[complying with valid search warrants is] wholly different than requiring companies to enable hacking of customer devices & data.”
The US government has fed off of the magnitude of the attack and the fear it induces to mislead its citizens into a decision that is not fully understood. If such a tool is created for this case, a precedent is set for the FBI’s right to force the hand of commercial organisations. Last year Obama criticised the Chinese government for a proposed law that would mandate foreign companies into providing an encryption key for all devices sold in China. The governmental order would almost certainly prompt China and other authoritarian countries to make similar demands of Apple. In doing so it’s expected that data breaches by countries such as China and Russia should increase, something the US government considers to be a major national security threat. Should the creation of such tools be forced, where do the limits of government’s demands end?
iPhone models 6 and above require fingerprints as an additional security layer. The sensors are paired on the device-level such that one iPhone will only work with one TouchID sensor. Should the FBI require access to newer devices, could they demand Apple lift this measure set to protect data? By examining the possible ramifications of the proposed tool it can be seen that the argument boils down to whether the FBI should have the authority to force Apple to go back on security engineering developments they make. If encryption is designed to keep people safe and is taken away from the public, then who is left to utilise it but governments and criminal organisations?
The above image shows public opinion in the UK is in favour of the FBI’s actions, as well as this article on U.S. opinion. Who do you side with?
58: Ryan Dignum, Matthew Lister, Richard Berry, Jake Jones