The Justice Department reported on Monday that it has discovered a way to unlock the iPhone of San Bernardino terrorist, Syed Farook, without aid from Apple. Consequently, the Justice Department withdrew its legal action to compel Apple to assist in the investigation of the San Bernardino mass-shooting. The unlocking method was brought to the FBI earlier this month by an unidentified private entity. It allows investigators to bypass the security function without erasing contents of the iPhone. The FBI is now reviewing the contents of the phone “consistent with standard investigatory procedures” according to Justice spokeswoman, Melanie Newman. The Justice Department dropping this case against Apple signifies a temporary retreat from a high stakes standoff between Washington and Silicon Valley over privacy and security in this digital age.
The FBI contended, in court papers filed in February, that because Farook disabled the phone’s iCloud backup function six weeks before the shootings, the FBI was left ignorant of Farook’s actions in the days and weeks before the attack. Farook’s iPhone was protected by an auto-erase feature that would permanently destroy all data on the phone after ten consecutive incorrect password entry attempts. By disabling the iCloud backup, Farook could keep all his data hidden behind the iPhone’s passcode lock.
Tension between technology companies and the federal government has been developing for over a year. Technology companies have increasingly used encryption as a default setting for their products, and have declined to help law enforcement agencies open suspect devices in some cases. The FBI’s goal in unlocking the iPhone was to obtain insight into the planning of the San Bernardino attacks and the movements of Farook and his wife, Tashfeen Malik in the hours after they shot and killed fourteen people on December 2, 2015. The FBI had argued that Apple was the only party that could help unlock the phone since it created the software. According to Apple, who has made security a central component of its marketing campaigns, it strongly opposed assisting the FBI in unlocking the iPhone because it would threaten the privacy of all its customers.
Apple contended that the FBI was grossly overstepping their bounds on personal privacy and that the demand would put an undue burden on Apple. It estimated that it would take up to ten company engineers and other workers a month to create the necessary software to unlock the phone and then Apple would just have to destroy it afterward. Apple’s opposition to assisting the FBI for fear of undermining consumer privacy was supported by Google, Facebook, Microsoft, and other tech giants.
The FBI’s ability to unlock an iPhone through an alternative method raises uncertainties and questions about the strength of Apple’s security on its devices. While Apple’s lawyers have previously asserted that Apple would want to know the method used to unlock the iPhone, the government may make that method classified. According to Esha Bhandari, an attorney at the ACLU, the government generally goes through a process, known as an equities review, whereby it decides whether to disclose information about certain vulnerabilities so that manufacturers can fix them. The FBI would be required tell Apple about any vulnerability potentially affecting iPhones unless it can show a group of administration officials that there is a substantial national security need to keep the flaw secret. Michael Daniel, special assistant to the president and cybersecurity coordinator, believes that disclosing the vulnerability may mean that the FBI would consequently forgo an opportunity to collect crucial intelligence that could thwart a terrorist attack.
Police have consistently contended that data encryption allows criminals to store information on smartphones to avoid detection. While it is still uncertain how the FBI gained access to Farook’s iPhone, if the FBI found a way around Apple’s security measures, it could allow access to police nationwide of similarly encrypted data in a much wider range of investigations. While many Americans may be unconcerned about the security of personal information on their phones, in other countries where due process of law and civil rights are limited, access by authorities to iPhone data could result in serious and unjust consequences for the individual.
Although the Justice Department dropping its case against Apple halts a pending legal fight over whether the government can force technology companies to write software to aid in criminal investigations, the questions of how secure electronic communications should be and what firms should have to do to help the government access their customers’ data still linger. Melanie Newman indicated that while Farook’s phone is no longer at issue, the broader fight over encryption-protected technology will endure. Newman asserted, “It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties, or through the court system when cooperation fails.”
Smartphones have the ability to reveal a variety of in depth information about their owners. For example, they can serve as a gateway to an individual’s communications, daily schedule and locations, interpersonal relationships, health information, financial information, and other data. Therefore, one can understand why technology firms want to protect devices from infiltration and why law enforcement wants to gain access to them. Without knowing the method by which the FBI unlocked the iPhone, it is difficult to posit what the security implications might be for iPhone users.
While the drama between the FBI and Apple has come to a standstill, the issues implicated will surely be of continuing debate as the FBI continues the pursuit of national security and public safety by obtaining crucial digital information through all available options.