It is not often that a legal battle over smartphone firmware captures the national imagination, but such is the case as the FBI tries to access the data contained on suspected San Bernadino shooter Syed Farook’s iPhone. The feds want Apple to help it break into the phone, under the authority of an obscure 1789 law called the All Writs Act. Thus an ancient statute meets an icon of the digital age. This odd pairing is strangely appropriate, as the Apple case, and others like it, will help to determine whether our hard-fought gains in civil liberties will survive today’s technology.
The FBI has a search warrant, and thus the right to examine the phone of the suspected shooter. But it ran into a technical problem when it tried to do so. Apple uses encryption in its iPhone design, and if you don’t know the password, it is almost impossible to break in. While one can attempt to “brute force” a password—enter every possible combination of allowable characters until at last alighting on the right one—an optional feature causes the phone to delete all of its data after ten failed attempts to enter the right password. No one seems to know if this feature has been enabled on this particular iPhone.
Faced with this problem, the FBI has obtained a court order demanding that Apple provide “reasonable technical assistance” to bypass or disable the phone’s auto-erase function. Apple is fighting the order, arguing that if it creates the software tool the FBI wants, this tool could be used in the future to prevent any iPhone from erasing itself, thereby undermining the product’s security features. Apple is also concerned about the legal precedent this case could set, forcing the company to aid any government—democratic or repressive—seeking to breach the security and privacy of its millions of users around the globe. The FBI argues that this case concerns only a suspected terrorist’s iPhone. Apple argues that at stake is the future of privacy and security in the digital world.
Both Apple and the FBI are right, and that is the problem. Courts decide cases one at a time, but those cases together create the law. This case is one of several pending that may guide the law toward a point where every digital interaction is within reach of the government. Or, by contrast, these cases could set limits on the ability of the government to break security technologies, such as passwords and encryption, that guard us from prying eyes of domestic and foreign governments, criminals, and terrorists.
What principles will guide the courts facing novel questions about surveillance in an era when our data is held by dozens of companies? Law enforcement wants to analogize to bank and telephone records, which it can access without warrants under what is known as the third-party doctrine. But there is reason to resist this logic today. It has become essentially impossible for most Americans to avoid committing their lives to the digital record. Access to all of this data would mark a vast expansion of the government’s power to tear down the walls of privacy. It is therefore essential that the public support tech firms standing up for privacy, even as we may have good reason to question those companies’ motives.
Read the full piece at the Boston Review.