Apple Inc, in an open letter to its customers, refused to comply with a U.S. magistrate’s demand to unlock an iPhone used by one of the shooters in the San Bernardino terrorist attack.
The Dec. 2, 2015 attack on a San Bernardino County Department of Public Health training event left 14 dead and 22 seriously injured. Gunman Syed Farook and wife Tashfeen Malik were both shot and killed by police at the site of the attack.
Since the attack, the FBI has been unable to unlock an iPhone 5C used by the attackers. The phone is encrypted with password protection. Farook’s iPhone was updated to the current Apple operating system at the time of the attack, iOS 9, which included a security feature that wipes the phone’s data after 10 unsuccessful password attempts. It is not possible for the FBI to determine whether this particular phone has that feature configured or not, according to the motion filed.
On Feb. 15, U.S. Magistrate Judge Sheri Pym ordered Apple to give the FBI access to software that would accomplish three major functions:
“(1) it will bypass or disable the auto-erase function whether or not it has been enabled ;(2) it will enable the FBI to submit passcodes to the SUBJECT DEVICE for testing electronically via the physical device port, Bluetooth, Wi-Fi, or other protocol available on the SUBJECT and (3) it will ensure that when the FBI submits passcodes to the SUBJECT DEVICE, software running on the device will not purposefully introduce any additional delay between passcode attempts beyond what is incurred by Apple hardware.”
That same day, Apple CEO Tim Cook took to his website, where he posted a letter to Apple customers.
“The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers,” said Cook in the open letter. “We oppose this order, which has implications far beyond the legal case at hand.”
Cook then broke down the letter into four major sections: “The Need for Encryption,” “The San Bernardino Case,” “The Threat to Data Security” and “A Dangerous Precedent.”
The Justice Department clarified it only wanted Apple to provide software for this one particular phone and said the software should include a “unique identifier” to prevent it from being used on other Apple devices.
“Realistically, I don’t know if the government can do this,” said Dr. David Jenks, Professor and Chair of the Criminology Department at UWG. “The government is asking to open one phone, but Apple is arguing it would have to create a back door for all phones… putting everyone’s information at risk.”
The FBI is citing the All Writs Act, an 18th century bylaw, for use in an unprecedented technological case. The statute allows U.S. federal courts to “issue all writs necessary or appropriate in aid of their respective jurisdictions and agreeable to the usages and principles of law.”
“The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge,” continued Cook in his letter.
“This situation is similar to when the government instituted the Patriot Act aft 9/11,” said Jenks. “The question then was can the government invade privacy by tapping phones?
“Theoretically, the government could keep us safe if it monitored everyone’s phone all the time,” continued Jenks. “It’s this same battle between crime control and due process.”
While Apple states its sympathy for the San Bernardino attack, the company insists that any one breach would allow for mass breaching.
“Building a version of iOS that bypasses security in this way would undeniably create a backdoor,” read a section of Cook’s letter. “And while the government may argue that its use would be limited to this case, there is no way to guarantee such control.”
In Apple’s privacy policy, Cook states that Apple has “never worked with any government agency from any country to create a backdoor in any of our products or services. We have also never allowed access to our servers. And we never will.”
Apple has until Feb. 20, five days from the demand’s issue date, to formally contest.
