One thing people seem to agree on today is that the government’s desire for a “backdoor” to encrypted user data will not go away, but will almost definitely reappear in some other court or legislative body.
“As sure as night follows day, the fight over strong encryption will flare up again,” said Senator Ron Wyden in a email statement to Fast Company. “Those of us who resist shortsighted efforts that would undermine the cornerstone of digital security and harm Americans’ safety need to continue to make our voices heard.”
One source suggested that the FBI might order some other tech company to weaken its encryption–some company that’s smaller, has fewer resources, and is less able to defend itself in court.
As it stands today, however, there’s no winner. “We are now, at least where the law is concerned, back at square one,” says former federal cybercrime prosecutor Edward McAndrew who worked in the U.S. Attorney’s Offices for the Eastern District of Virginia and for the District of Delaware for 10 years, and now runs a cybersecurity-focused law firm.
To quickly recap, the FBI got a court order to compel Apple to weaken the security of San Bernardino gunman Syed Farook’s iPhone so that the agency could access the data on the device. Apple refused to help, setting off a six-week war of court filings and media statements.
In most federal investigations involving iPhones, the court order requesting assistance from the tech company is kept under seal, McAndrew points out. The lawyers talk behind closed doors. The engineers and forensics people work together in secret. The public never knows about it.
So why did the DOJ and FBI decide to take this case public, very public?
Some have suggested the Justice Department took the case public because it (cynically) hoped that a win in open court would establish a legal precedent for requesting and gaining encryption backdoors, and even compelling tech companies to build the doors themselves.
“It really calls into question whether the case should have ever been filed to begin with or whether the FBI was really trying to use this sensitive situation to get the encryption backdoor that they’ve been after for years,” Congressman Darrell Issa (R-Calif.) said in an email to Fast Company Tuesday.
McAndrew said the DOJ may indeed have hoped for a legal precedent, but it was probably not the reason it took the case public. He points out that Apple also probably hoped to gain a precedent that would help it fight off government requests to weaken device security in the future.
The government’s real motivation, he says, may have been to start a conversation in the security community that would yield lots of third-party suggestions on how to break into the Farook phone without Apple’s help. And indeed it was such a solution that, most believe, ended up cracking the device.
But, as Congressman Issa asked FBI director James Comey in a March 1 hearing: Did the FBI and the Justice Department really review all their forensic resources for cracking the Farook phone before demanding help from Apple? (Comey answered that the FBI had reviewed all its options in the government and truly needed Apple’s help.)
App Association director Morgan Reed believes the FBI made an effort, but perhaps not a complete one. “Law enforcement agencies including the Department of Justice have a broad range of contractors and others that they partner with to explore different options,” he points out. “What’s fairly clear is that they didn’t do the necessary due diligence.”
Congressman Issa agrees. “We don’t yet know what method the FBI was able to use to break into the iPhone, but what we do know is that they clearly had not exhausted all possible avenues before opening this case.”
It may be true that the six-week standoff yielded a technical solution for the FBI, but the public nature of the debate may have yielded far more for Apple.
The debate about the government’s right to an encryption backdoor had gone on mostly underground until mid-February. The government’s desire for the data on the Farook phone was understandable to most Americans, but Apple’s insistence on maintaining encryption standards was less understood. With the torrent of media coverage, it seems clear that Apple and its executives have been given a forum to make the case for the importance of encryption–not only in terms of privacy but even to our national security interests. And many Americans have started to understand Apple’s position and to come around to the company’s line of thinking.
Meanwhile, the FBI and the DOJ, to many, came off looking less credible than before. The government appeared ill-equipped to deal with the technical challenges of fighting terror. In court filings, the FBI and DOJ sounded like bullies; they didn’t ask for Apple’s help–they demanded it, and questioned Apple’s motives in the matter in the process.
But most of all, the government came off sounding untruthful. It stated over and over that the solution it asked Apple to create would be used one time and on one phone. But it was soon revealed that the solution might be used on hundreds of iPhones in other cases all over the country.