March 1, 2016

Apple and the San Bernardino Terror Attack


  • A court has ordered Apple to provide the FBI reasonable technical assistance in accessing the data on the iPhone of one of the San Bernardino terrorists.

  • Apple is contesting the lawfulness of this order. There is also a technical dispute as to whether such assistance can be restricted to only this one phone.


In the fight against terrorism, FBI Director James Comey described the phenomenon of “Going Dark.” This involves the use of sophisticated encryption and other technology to prevent intelligence and law enforcement officials from accessing data to prevent terrorist attacks or investigate crimes. This can be “data in motion,” such as phone calls and emails during transmission; or “data at rest,” such as emails or text messages stored on a device. The data can remain inaccessible even though the government has a court order authorizing it to get the data.

Apple ordered to assist FBI (2/16/16)

Order requires Apple to assist FBI

Apple makes case against order (2/22/16)

Apple argument against Court Order

In the past, many private-sector businesses voluntarily cooperated with the government’s efforts to investigate terrorism. They helped execute programs designed to prevent future attacks. Apple’s response to this investigation runs contrary to past private-public cooperative efforts.   

INVESTIGATING THE ATTACKS

On the morning of December 2, 2015, Syed Rizwan Farook and his wife, Tafsheen Malik, pledged allegiance to Abu Bakr al-Baghdadi, the leader of ISIL. They then carried out a terrorist attack at the Inland Regional Center in San Bernardino, California, where they murdered 14 people and injured 22 others.

In investigating this terrorist attack, the FBI obtained a warrant from a judge to search and seize an iPhone 5c used by Farook. The phone was issued to Farook as part of his job, and it is actually owned by his employer. The employer has given consent for the government to search the phone.

The FBI has been unable to access the data on the phone. Apple has specifically designed operating systems – iOS 8 or later – with an “auto-erase function.” This feature permanently destroys encrypted data on the phone after 10 failed attempts to enter the passcode. Law enforcement authorities fear this function may be activated when they try to access the phone’s data.

LEGAL ACTION BEGINS

On February 16, 2016, the Justice Department secured a judicial order directing Apple to provide “reasonable technical assistance to assist law enforcement in obtaining access to the data” on Farook’s phone. This assistance is to be carried out so that it “would only load and execute” on this particular device. The government would like the auto-erase function disabled so that the FBI can conduct a “brute force” attack to guess the phone’s passcode. This would allow the FBI to make as many failed attempts as necessary, without destroying the phone’s data.  

The government used the All Writs Act as the basis for its application for this order. When Apple CEO Tim Cook said that the company would refuse to comply with the court order, DOJ filed a motion to force Apple to comply.

APPLE RESPONDS

Last week, on February 22, Apple filed a motion to do two things: 1) vacate the court order; and 2) oppose the government’s motion to compel assistance. A hearing has been set for March 22 in a federal court in California.

The main part of Apple’s argument concerns the use of the All Writs Act. It says that statute cannot be used by a court to create an obligation on a third party if Congress has not created such third-party obligations. The company goes on to argue that compelling Apple to create a product, i.e., to write computer code, is equivalent to compelling speech, which is a violation of the First Amendment. The motion also argues that conscripting Apple into such action violates Apple’s Fifth Amendment Due Process rights. The motion makes only one reference to the Fourth Amendment, which protects people against unreasonable searches.

CAN ONLY ONE IPHONE BE ACCESSED?

There is one primary technical question in this case: Can Apple fulfill the government’s request for technical assistance in gaining access to the phone used by Farook and only that phone?

As FBI Director Comey summarized: “We simply want the chance, with a search warrant, to try to guess the terrorist’s passcode without the phone essentially self-destructing and without it taking a decade to guess correctly. That’s it. We don’t want to break anyone’s encryption or set a master key loose on the land.”

Apple’s reply is: “this is not a case about one isolated iPhone.” It asserts that the government is attempting to force Apple to create an entirely new operating system to install on Farook’s phone, disabling the auto-erase security feature. Once made, Apple argues, there is no limiting principle for how many times this technology could be used in other instances. Apple says this new operating system is a product Apple does not currently have, has never made, and that “Apple believes is too dangerous to make.”

Apple asserts in its brief that if such a product were to be created, “it is only a matter of time before foreign governments demand the same tool.” A February 26 Los Angeles Times article notes that Apple has already chosen to be subservient to Chinese demands that the company make it easier for the Chinese government to access the data of iPhone users.

LAW ENFORCEMENT TRYING TO COME IN THROUGH THE FRONT DOOR

FBI Director Comey has described a problem of Going Dark in cases like the San Bernardino terrorist attacks. This problem could be addressed in several ways. It may have a systematic solution in the form of legislation. There also can be a solution specific to the particular circumstances, like this court order. Voluntary cooperation by third parties, to the extent allowable by law, would also be an option.

FBI Director San Bernardino press release

Apple seems to be saying that there are no circumstances in which it could technically comply with this order to assist the investigation of the San Bernardino attacks without compromising the data privacy of every other customer.

This is, of course, a highly complex technical question. It is unclear how much Apple’s claim rests on technical inability to provide access to Farook’s specific phone exclusively, as opposed to its desire to avoid providing assistance.

Apple has argued that the FBI wants Apple to create a back door to the iPhone. There is nothing clandestine about the government’s efforts here. The government is attempting to come in right through the front door of Farook’s phone with the authorization of the phone’s owner and a federal judge.