Apple vs FBI: Doing the Right Thing for the Wrong Reasons

For most, the Apple and the FBI row over access to a terrorist’s IPhone contact book is simple, Apple should provide it.

In December 2015, radicalised Islamic terrorists Syed Farook and his wife Tashfeen Malik shot 14 people and injured 22 others in San Bernardino.

FBI agents investigating the background to the incident having already opened two personal mobile devices belonging to the pair found they could not get into a work IPhone owned by the pair and asked Apple to open it. Apple declined, and the FBI obtained a court order demanding the company to comply with its request.

The problem for the company is that it is sitting at a crossroads in the history of technology.

Research by technology companies has found post Edward Snowden – the NSA whistle-blower who revealed the wholesale surveillance of mobile phone data around the world by the NSA and UK’s GCHQ – a trend for people to protect their data called Privacy as a Service developing alongside another service known as Security as a Service both seen as essential to the take up of cloud computing.

The problem for Apple is being seen to be a willing accomplice of the US Government something post-Snowden that cost the big US technology companies as customers pulled back from the cloud due to security and privacy concerns.

The problem for the company is that it is sitting at a crossroads in the history of technology.

It is a concern over US and UK Government activities that has seen the development of data safe havens in parts of Europe most notably in Helsinki and Berlin.

Indeed, in March 2016, Berlin hosted the Logan CIJ Symposium which included among its speakers Snowden and Julian Assange among many significant opponents of government communication surveillance.

Conscious of the appetite for privacy Apple, Facebook, Google, Linked-In, Microsoft and Yahoo all signed an open letter to President Obama asking him to scale back US Government surveillance and since have all indicated that they are unwilling to co-operate with it, not for moral reasons but because they can see it will impact on their profits.

Something that the UK Parliament’s Science and Technology Select Committee warned the UK Government over in February regarding its proposed Data Retention and Investigatory Powers Act.

While the implementation of the new EU directive on Data Protection, only a year away, will require that businesses should be clear about the reasons why they are collecting information and the purposes it is being collected for.

In spite of the caveats that governments have put into the legislation allowing them to ride rough shod over the principles in pursuit of criminals and terrorists, it is predicted this will increasingly be resisted and will be challenged legally. In the US the EU legislation is being examined with interest by groups who see it as the potential foundation for similar measures in America, the technology companies do not want to be seen to be on the wrong side in a battle to assert data rights.

So it is this fight over the rights to data in the information age that underlies Apple’s current response. As the public starts to become aware of the uses its data is being put to by technology companies and governments it will want more and more controls over the use of its data and protections for it, that limit its use.

More interestingly it will also demand a return from the collection and processing of its data and challenge organisations over whether the processing of data confers ownership.

In the 1980s, German people rebelled against increased census data demands from the German Government yet since willingly supplied more information to Facebook than the German Government had wanted – proving they wanted to give information to Facebook but did not trust the German Government with their data, or that it would use that data in their best interests.

So Apple is prepared to fight its corner as privacy supporters will say it was prepared to defend data on behalf of those who had agreed to its collection and use for the purposes it was to be used for.

Previous versions of the Apple phone were protected by a four-digit pin which allowed 10 attempts before wiping the phone. For investigators this proved to be no challenge and by attempting nine guesses and then powering the phone down they were able to break into phones within two weeks. It was also possible to get into the phones by connecting straight onto the processing chip. In the latest IPhone Apple remedied this by introducing a six-digit code which would take years to brute force and removing the power down reset facility, the phone is also wiped if any attempt is made to connect directly to the chip. The result if that the Apple phones are now virtually unbreakable unless the code governing access to the password system is rewritten disabling the software that allows 10 password attempts.

“The issue for Apple is that they are trying to force it to build a new operating system that they could put on a chip,” said Professor Andrew Blyth, an expert in computer forensics from the University of South Wales. “The idea is that the FBI can then install that on the phone so that it would disable the protection mechanisms around the password which would allow them to then brute force it in a a matter of hours.”

Thus we now have a stand-off and the stand-off is to see who blinks first, hacking experts say the US Government does not need a back door. If the US spends the time and money necessary it can break in, but the US Government wants to be seen to be more powerful than any technology firm and to establish that it has primacy over the ultimate collection and use of data. It would appear to be a point of principle; no one is above the law, but what will be interesting will be whether long-term it will be established that this includes Governments.

Apple is saying that the Government does not have the right to deal a mortal blow to its business by undermining its credibility, letting the whole world know that it’s data is not safe in an IPhone and making the systems a target for hackers because of the back door.

The result of Apple’s compliance will be businesses and consumers will not buy a product that they know is impugned.

Apple’s brand value is all. Apple owners do Apple’s marketing for them – letting the phone’s security be questioned means that competitors will point out that they may be pretty, but they are simply chocolate teapots. They look attractive and desirable but leak like hell.