Ringside Seats to the Apple/FBI Battle

The gloves have been tapped, and two major forces are about to square off. In one corner is Apple, and in the other is the Federal Bureau of Investigation. It all comes down to an iPhone that belonged to one of the San Bernardino shooters, but may turn out to have far-reaching implications for the entire tech industry.

The Situation

A court has ordered that Apple assist the FBI in opening up the iPhone, specifically through the use of a password crack. According to Wired, this would involve Apple writing code for a new tool that would be able to subvert or eliminate security controls put in place on the iOS operating system. You may think that while this is technically complicated, it shouldn’t be a problem for a non-Apple group to overcome, given appropriate time and resources—things that the FBI certainly has access to. However, iPhones only accept updates to their firmware if they are digitally signed by Apple, so in order for the FBI to have access, they need Apple to provide their digital key to sign that software. This would essentially communicate that this is an Apple-approved piece of software, an endorsement that Apple does not agree with.

Furthermore, if the FBI tries to tamper with the encrypted phone too many times, a built-in security feature will wipe all the data from the device.

The FBI Perspective

The FBI believes the encrypted data on this phone is critical in the fight against terrorism, and is a matter of national security. It has asked for narrow assistance in the matter, which it states pertains only to this iPhone. It highlights the growing propensity for technology to collect more and personal data and the growing urge for collaboration between the government and companies that collect that data. Government organizations intend to use it for the purposes of keeping the country safe.

In its case, the government is invoking the “All Writs Act,” an 18th century statute that compels private companies to assist law enforcement investigations. According to NPR, Apple has received orders to help unlock 12 other devices as well.

The Apple Perspective

Apple has refused to comply with these orders, stating a number of reasons. At the core of these arguments is the idea of the “slippery slope” in terms of cracking encrypted devices. Currently, as long as Apple refuses to compromise their encryptions, they state that personal information is essentially safe. However, if a backdoor were to be created, that compromise is out there, and Apple is wary to release that out into the world.

Apple is expected to defend its position by invoking the First Amendment of the Constitution, where it was established years ago that code is protected as free speech. This may be important in respect to the digital signature that Apple has been asked for, because this would essentially be an endorsement on behalf of Apple, and it may be construed as compelled speech.

What This Signals for Tech

Apple CEO Tim Cook has intimated that to acquiesce to these kinds of demands sets a dangerous precedent that could expose the public to widespread vulnerabilities, and sets the stage for a larger conversation on the role of data collection in the emerging field of the Internet of Things. Across the world, more and more devices are being equipped with sensor-tracking, camera-installed, data-collecting and Internet-enabled components, allowing for a level of surveillance into the habits and movements of everyday lives in a way never seen before. The rules are still being written around the ability to access, collect, control and surveil that information, and no matter what side of the debate one may fall on, this case has the potential to set the standard for how Americans interact with their devices for years to come.

MSPs should pay careful attention to the details of this case, as it may come up in conversation with clients in the future. As the expert IT solutions provider to your clients, it is essential to discuss the potential ideas in this space and to keep them educated about the painstaking efforts managed IT services providers take to keep their clients’ data secure at all times.

See also:

Looking to teach end users how to stay secure on mobile?