A federal judge has ruled that Apple must comply with law enforcement agencies by assisting with gaining entry to a specific iPhone belonging to one of the San Bernardino shooters. The available court papers had shown that Cupertino-based Apple had previously declined to voluntarily assist with gaining access to the iPhone 5c owned by one of the shooters, who is accused of killing 14 people at a Californian health clinic alongside his accomplice in early December 2015. Today’s ruling means that Apple will be required by law to assist the FBI in gaining access to the device, but the company which was given five days to respond, has already issued an open letter, which pretty much sums up that it will not be playing to the FBI’s tune.
The requirement placed upon Apple doesn’t actually involve going through the process of stripping encryption from the device itself. The company has been ordered to assist law enforcement with securing the passcode used on the iPhone 5c, which will also likely to extend to actually investigating the communications to and from the device to see who the attackers were communicating with on a regular basis leading up to the shootings. It’s likely that once access is gained, focus and attention will be paid to messages sent via Apple’s own iMessage platform, as well as other communication tools like WhatsApp, but all of that is based on the assumption that Apple will comply with the ruling, which it clearly is in no mood of.
The ruling has come about after a 40-page document was submitted to the court from the US Attorney’s Office demanding that Apple be forced to participate in the investigation and assist law enforcement agencies involved in the case where possible. Part of the prosecution’s document claimed that the case had essentially been affected by Apple’s reluctance to assist with securing access to the iPhone:
The government has been unable to complete the search because it cannot access the iPhone’s encrypted content. Apple has the exclusive technical means which would assist the government in completing its search, but has declined to provide that assistance voluntarily.
The interesting thing about the whole ruling is that the judge has essentially ordered Apple to do something that isn’t really technically possible. Rather than remove encryption from the device, Apple has been ordered to remove the passcode attempt limit as well as put measures in place that bypass the auto-erase functionality baked into iOS. Tim Cook’s company has been given five days to respond to the ruling to clarify whether or not it would be “unreasonably burdensome” to comply with the order, and while we cannot be sure what’s going on behind the closed doors, Cook and team have issued an open letter titled “A Message to Our Customers”, which starts with the following lines:
The United States government has demanded that Apple take an unprecedented step which threatens the security of our customers. We oppose this order, which has implications far beyond the legal case at hand.
The letter goes on to highlight the implications any compliance with the orders could have on the privacy of its customers in the future. Apple says:
Rather than asking for legislative action through Congress, the FBI is proposing an unprecedented use of the All Writs Act of 1789 to justify an expansion of its authority.
The implications of the government’s demands are chilling. If the government can use the All Writs Act to make it easier to unlock your iPhone, it would have the power to reach into anyone’s device to capture their data. The government could extend this breach of privacy and demand that Apple build surveillance software to intercept your messages, access your health records or financial data, track your location, or even access your phone’s microphone or camera without your knowledge.
The company has mentioned that opposing the court’s order is not one that it is taking lightly, but challenging the decision is needed for everyone to understand the implications of creating backdoor entries into the iOS platform, and how once that is done, it could snowball from one case to another wreaking havoc on customer privacy.
You can read Apple’s full response in Tim Cook’s open letter to customers here.