"For Best View, Please Open this Website on Laptop / Desktop Or Mobile"

20 February 2016 / Others

The Apple encryption saga...

Application Controls Audit


Apple’s CEO Tim Cook, in a very public letter, has opposed the US government’s demand to incorporate a ‘backdoor’ in an iPhone 5C. The cyber world has been abuzz with activity ever since.

I have been following this with interest, and also trying to make sense of, arguably, one of the biggest question since Edward Snowden. A few questions come to mind and I try to muse through them here:

Let us begin with the premise that with a proper warrant, the police can conduct a search of the property and belongings of any person they suspect. Your phone and computer are your belongings. So, technically, they can search through your phone and computer as well. The government may break open doors or pick locks. They can try and gain access to your computer to access your data. Again, all the while by following due judicial process with search warrants and all the associated paraphernalia. In case they do not have the skills or expertise, they are free to obtain the same from specialists. A locksmith can be brought in to pick a lock or a computer forensic professional may be brought in to brute force a system.

Up to this point, there is no confusion. Everyone agrees to this. Apple too says that they have done everything within their power to help the FBI.

Where does the confusion, then, come in? The confusion begins when you ask the question:

Is the FBI request in the San Bernardino case any different from seeking for expert help to solve a crime?

Here there are two views. One argument states that there is nothing wrong with this one request. After all the FBI has asked Apple to help access one phone, which is no different from asking a locksmith to open one door.

The second view (Apple’s view) is that deliberately creating technological weaknesses is like asking the lock manufacturer to create pickable locks. Should this be allowed for the greater good? Can it be misused by non state actors - rogue nations, for example, to compromise our national security?

After reading many views and counter views, I think the core issue being discussed is related to 3 key points:

Authority - No one debates authority here. The government is right in asking for the data on this particular phone. It is also right in asking all the help it can get, in the interest of national security. Data privacy is not a concern when we are talking national security! Authority would only be a concern in case of wider surveillance.

Precedence - Those in favour of the FBI say that this is a one off case and Apple is trying a scare tactic without any base. The government is within its right to search through anybody’s belongings as long as there is a valid reason and they are following due process. There is no question of precedence or no precedence.

Those supporting Apple, think that this could only spiral downwards to create an Orwellian society where everything is under surveillance. If the FBI is asking for data of a known terrorist now, isn’t it justified to ask for data of a suspected terrorist? After all, prevention is better than cure. What about a case where child pornography is involved? Surely you will need to access a pervert’s phone! What about broader surveillance of a set of people who are suspected on being involved in anti national activities? What about surveillance of those people who receive calls from under surveillance individuals? - all in national interest of course.

Does allowing this one case set a precedent that can build up a stack of case laws that could eventually allow any device to be accessed without much hullabaloo?

Technology - This is the biggie. Should the government have a key that can gain access to all phones? If the technology does not exist, should the government ask manufacturers to tweak their technology to give them the key?

The supporters of the government take a rather narrow view here. They say that in this one case, Apple should give the data. National security is more important. They also say that what the FBI is asking is not a backdoor, but just a way to unlock one phone. They say it is technologically possible. Ars Technica seems to think it is possible too.

Apple says that by doing it for this one instance, it is creating a backdoor that can be used for all phones of the similar model. Apple, in fact, goes on to say that it is not possible to create just a ‘one-off’ instance and essentially, they are being asked to create a backdoor that they think has the potential to be exploited - big time. What if this falls in the hands of the terrorists? Could they not then, steal data and cause more national security issues? What if rogue states get their hand on this? It could even lead to the next world war!

Also, even if Apple does create a deliberately weaker phone, those who require such levels of encryption can get it anyway using other means. It is only the common folk who trust Apple with their data security that will suffer.

As you can see, both sides have certain very important points that they highlight. It is a tough call!

Here is my take: