Apple, Encryption, and Backdoors

On February 16, The CEO of Apple, Tim Cook published an open letter in response to a court ruling in the San Bernardino terrorist attack case. The ruling requires Apple to provide the government a means to circumvent a key privacy feature with newer models of its iPhone. This is another important example of the privacy vs. security challenge in the Internet age.
The specific issue is the desire of the FBI to gain access to contacts, text messages, and photos that may be stored on the phone. The iPhone 5C software is designed such that if 10 incorrect passwords are entered in a row, the phone’s software automatically wipes all of the data on the phone. Apple made this change in the aftermath of the Snowden disclosures to increase the privacy protections for their customers as business decision. The feature also deters simple crime; a feature that turns the phone into a digital brick makes it less desirable as a stolen good. Apple does not have a means to know the lock code by design.

The risk for Apple is that by developing a new algorithm to bypass the security in this one case, they will create a tool that could be copied and used to unlock any iPhone anywhere. The potential precedent of the case is much larger. It would force a company to a give the government the ability to force a company to give the access to customers’ private information not held by the company but information solely retained by the customer.
The government’s interests in the case are legitimate. The terrorist attack in San Bernardino was heinous and there may in fact be information on the phone that is of value in the ongoing investigation. It is however a slippery slope. The case has implications not only domestically but internationally as well. The U.S. government has opposed the requirements for the installation of backdoors in equipment sold to China. Stuxnet showed that sophisticated cybertools can be
easily reprogrammed once they are released into the ecosystem.
This issue is something that deserves serious debate and discussion. It is a political vice a technology decision. The decision requires balancing privacy and the presumption of innocence with the obligation of governments to protect citizens. There is no simple choice.
I will watch the ongoing story with great interest.
For more information refer to the International Relations chapter of Protecting our Future, Educating a Cybersecurity Workforce Vol. 2 available at http://www.nationalcybersecurityinstitute.org/publications/protecting-our-future/
Sources
Apple. (2016, February 16). A Message to Our Customers. Retrieved from http://www.apple.com/customer-letter/
Nakashima, E. (2016, February 16). Apple vows to resist FBI demand to crack iPhone linked to San Bernardino attacks. The Washington Post. Retrieved from https://www.washingtonpost.com/world/national-security/us-wants-apple-to-help-unlock-iphone-used-by-san-bernardino-shooter/2016/02/16/69b903ee-d4d9-11e5-9823-02b905009f99_story.html?hpid=hp_rhp-top-table-main_encryption-835pm%3Ahomepage%2Fstory
Newmeyer, K. (2015, June 5). China’s New Rules: Give Us the Keys or Stay Home? Retrieved from http://www.nationalcybersecurityinstitute.org/international/chinas-new-rules-give-us-the-keys-or-stay-home-2/