It’s hard to overstate the tech world’s fascination with the legal standoff between the FBI and Apple. Laymen might look at the dispute and shrug; after all, the FBI is just asking Apple to help hack into one phone, and it’s not unusual for tech companies to help the police.
“Apple does provide ‘reasonable assistance’ to law enforcement all the time,” says Jeff Fischbach, a forensic technologist who specializes in retrieving data from devices for use in court. But he says what the FBI is demanding from Apple in the San Bernardino case is qualitatively different.
(For those who haven’t been following the case: The FBI wants Apple to write custom software that would make it easier to hack into a locked iPhone 5c used by Syed Rizwan Farook, who along with his wife, Tashfeen Malik, killed 14 people in San Bernardino in December.)
“I’m not convinced that the FBI has actually pulled out all the stops on this particular phone,” Fischbach wrote in an email to NPR. “The concerns they cited exist in any iPhone [forensic] exam, and yet this time they’ve seemingly declared their hands tied. It feels opportunistic. Like a chance to expand their tool chest.”
Many tech experts suspect the federal government is taking advantage of the public sentiment surrounding the San Bernardino massacre to force Apple into accepting the premise that it’s obliged to aid law enforcement even if it means creating new security weaknesses in the devices it sells.
But if that is the FBI’s strategy, it’s not necessarily a winning one. In his New York Times technology column, Farhad Manjoo concluded that the tech industry holds an ace: “the technical means to keep making their devices more and more inaccessible.”
It’s true that companies such as Apple are usually a step ahead of law enforcement, technologically. Every new generation of device or operating system represents a challenge for the in-house hackers at the FBI and other law enforcement agencies. It can take months for them to find a way into a new system, if they can find a way at all. And if the FBI succeeds in forcing Apple to write code to help hack this iPhone 5c, it’s presumed the company will engineer the next generation of iPhones to be immune.
But the government is also holding an ace: the possibility of legislation.
Robert Cattanach is an attorney specializing in cybersecurity who previously worked for the Justice Department. He predicts this fight will eventually go beyond the courts.
“Whoever is the loser in this will certainly plead their case to Congress,” he says. “Either, ‘We need a backdoor,’ if the FBI loses, or ‘You can’t give them a backdoor,’ if Apple loses.”
The question of whether tech companies should be required to build backdoors has been floating around Congress for a number of years now, pushed on one side by law enforcement’s growing complaints about how encrypted technology is “going dark” to legitimate surveillance and detective work; and opposed on the other side by Silicon Valley. As is the case with so many pressing issues in Congress, nothing much has moved so far, but a public fight over San Bernardino could break the logjam.
For Fischbach, this is a worrisome possibility, because he thinks the emotions tied up in the San Bernardino case might cause Congress to take the side of the FBI.
It wouldn’t be the end of encryption, he says, but it could be the end of easy-to-get encryption for the general public.
“[M]andating back doors only pushes the fringe,” Fischbach writes. People in the know — such as sophisticated crime syndicates or terror networks — will still figure out how to keep data unreadable, but “[f]or the rest of us with ‘nothing to hide,’ that just means we lose another piece of our privacy.”