The FBI, trying to force Apple to break
into its own protected software, wants the public to ignore its own
failings and misstatements.
There's much more than anti-terrorism
involved in the attempt to crack a cellphone.
After the December 2015 attack in San
Bernardino, California, the two terrorists were quickly found and
killed. One of them had an Apple iPhone in his possession.
Though it did not need access to the
phone's data to pursue the terrorists, who were already dead, the FBI
wanted to see if they were part of a terrorist network. The FBI
asked for and received Apple's help in accessing the phone's data.
The FBI gained some information, but
agents thought more might exist. The phone had been automatically
backed up in October, making data until then available, but the FBI
also wanted the data between the backup and the attack.
Ignoring Apple's offer to help, the FBI
fumbled in its attempt to back up the remaining data. Apple says
that, with its available help, the FBI could have accessed the data.
The FBI reluctantly confirmed that was true.
The FBI could not otherwise access the
data, because it was password protected, and agents did not know the
terrorist's password. The phone's lock allowed only ten tries with
the delay between each try growing longer.
When asked, Apple said it had designed
the software to provide complete customer security and even it could
not access the data. The FBI then asked the company to develop new
software to break its own security. Apple refused.
It said that it had promised customer
security as part of its product. Even more important, it said that,
once the new software existed, it could be reused, even by America's
enemies, to view secret data.
The FBI then went to a California
federal court and asked it to order Apple to develop the new software
without waiting to hear Apple's side of the argument. After the
judge said she would give Apple time to reply, the FBI filed a
request that she should compel it to comply immediately. It argued
the new program could be controlled by Apple and destroyed by it
after just this one use.
As the basis for its demand, the FBI
relied on the All Writs Act, a law passed in 1789 allowing federal
courts to issue orders on all matters unless Congress had addressed
the issue.
Apple replied that the federal
government could not force a company to produce software and that the
program would end up being used more than once. The California case
remains in court.
Meanwhile, in New York, the FBI was
seeking the same password access program in a drug trafficking,
criminal case, not related to national security. The judge there
found that the AWA did not give courts the authority to order the
company to prepare new software, which would be overly burdensome on
Apple. He said that Congress had “considered [such] legislation
but not adopted it.”
In short, the AWA could not give courts
authority that Congress had intentionally declined to give them. The
federal judge decided in favor of Apple and turned down the FBI,
which has appealed his ruling.
The California case revealed that the
FBI could have accessed the data without the court order. The New
York case revealed that, despite the FBI's claim, it would not limit
its access to a single case.
The FBI seemed to be trying to stir up
public sentiment for its position by raising the threat of losing
terrorists' secrets. In this effort, it was willing to undermine
the principles of real security protection and user privacy and to
mislead both courts and the public.
That the FBI was on its own crusade
became clear when both the Secretary of Defense and the chief of the
U.S. Cyber Command said maintaining strong password protection is
more important than opening the access the FBI seeks.
The U.S. uses passwords and other
protections for its data and has its own software for breaking into
the secret files of other countries. Key agencies want no legislative
or court action that could compromise or expose their efforts. U.S.
adversaries should continue using software they may mistakenly
believe is impenetrable.
While virtually all Americans support
tough action against terrorism, the FBI-Apple case demonstrates the
dangers of total software access that overrides privacy rights,
supposedly being protected by the government. The situation is even
worse when, in its zeal, the government agency itself departs from
the truth.