But I struggle to understand the sanctity of the phone versus every other form of information storage. With proper judicial review your personal information has always been searchable. That includes bank accounts, phone records, computer hard drives, tax records, business records, email, written correspondence, photographs -- virtually anything. In the US, the only thing that stands between you and a search of any of these items is the 4th amendment which requires probable cause for the issue of a warrant.
So why is a photo stored on my phone unsearchable under warrant, while the same photo in an old-fashioned slide-carousel in my basement can clearly be searched for cause? The only plausible difference between a phone and other media is that modern phones amalgamate a wide variety of information in the same place. But so does my house and, given probable cause, the government can get a warrant to search that. So why not my phone?
The ability of the government to search -- given probable cause and judicial review -- is not despotism. It's the basis of law enforcement. It's how we catch rapists and killers and financial fraudsters and terrorists too. It's always true that such powers can be seen as targeting the law-abiding as well as the criminal but it's not possible to avoid that. That's why it's always a balancing act between personal privacy and civil society. Advocates for absolute privacy in the digital domain seek to fundamentally alter that balance in ways that are unprecedented.
It is incredibly frustrating to hear people making this specious argument over and over. Search warrants are used to seize property during criminal investigations. They also give judicial permission to the law enforcement agency seizing the property to examine the property and use the property as evidence against a criminal defendant. A search warrant was not even required in this case because the phone is not owned by the criminal...the phone is owned by a government agency. That agency simply consented to the seizure of the property and the search of the seized property. Search warrants are IRRELEVANT to this case.
A photo stored on your phone is NOT unserchable under a warrant (Riley v. California) if the police can access it the police can search it once they have a warrant. However, YOU cannot be compelled to unlock your phone...not even with a search warrant...because that violates the 5th Amendment (the case law is all over the place on why, but lets just say it boils down to the act of entering a password on a phone or any device as being equivalent to making a statement that you own the phone and its contents...which is a statement of self-incrimination you cannot be compelled to make.)
A photo stored on an encrypted phone is not the same as a photo slide stored in a carousel in your basement...the photo carousel is not encrypted. Now, if you had a safe in your basement that was impossible to open under any circumstances without your personal passcode and the photo carousel was inside that safe you start to get equivalent. If you were dead and there was no way to open the safe, then the police can seize the safe they just cannot open it...cause you are dead and the information needed to open it died with you. If they, law enforcement, figure out how to open the safe without the passcode, they are allowed to do so...through what ever means they deem necessary, including destroying the darn thing. What they cannot do is unilaterally force another person, against their will, to open the safe just because the police have a warrant. Warrants do not, and cannot, compel a person to do a thing they do not want to do, warrants are limited to allowing the police to physically collect and inspect evidence.
I simply do not understand why people cannot comprehend that this is not about whether the police can seize the photo in the first place.
Lets put it in more simply terms. You are a terrorist. You want to write secret notes to your co-conspirators that no one but you and they can read. To do this, you devise a wholly new language that no one but you and your co-conspirators know (lets call the new language gibblefritz). You write your diabolical plans down on paper in this new language. You send unencrypted emails in this new language to you co-conspirators. The police figure out you and your co-conspirators are a terrorists and they decide to arrest you, however, during the attempt to arrest you, all of you are killed. When the police search your corpse and your conspiracy hang-out, after getting a search warrant, they find your written diabolical plans in your pockets and in filing cabinets in the hang-out. They also find the emails on your computer.
There ends the power of a search warrant.
The police are desperate to read your missives to learn whether they killed all the terrorists or if there are others they don't know about...but they cannot because everything is in gibblefritz and the police don't read gibblefritz...no one reads gibblefritz. Now the police know that over at the University of Apulosi, Dr. MacIntosh is really really good at deciphering dead languages. So they take your gibblefritz writings to Dr. MacIntosh and they say "Dr. MacIntosh, please help us, please translate these writings." Dr. MacIntosh says "I am so sorry, but I just cannot. I don't have time. I'll have to write a whole new program for my deciphering computer. I don't have resources to do that and it will take a really long time to do. Helping you will sully my reputation. Helping you will undermine all my other work. No one will trust me if I help you. I don't want to learn to read the evil language of gibblefritz, anyway." So, the police go to to court and the beg the judge "Please, you honor, make Dr. MacIntosh help us read these diabolical writings. Don't listen to his excuses. The people are in danger, there may be other terrorists out there. The world will end if we do not find them. The world will end if we don't learn how to read gibblefritz. Give us a Writ to make Dr. MacIntosh do as we want."
This case is not about search warrants. Never has been, never will be. Its about whether a court can order a person (corporations are people too, Citizens United v FEC) to make something, from scratch, that they don't want to. The All Writs Act has never before been used in such a manner and the cases cited by the USDOJ do not support their position that it does (those cases required the phone company -the Bell Telephone Co, i.e. Ma Bell, and later ATT - to given the police the "pin registry" they already had in their possession for billing purposes so the police could see who the criminals were calling, or required the phone company to allow the police to install government owned listening devices on the lines for certain telephone numbers.) Now if the feebs have software in their possession already that they want to install on the phone themselves, but need Apple's help to do so, the AWW *might* reach far enough to force Apple to help, to the best of their ability, with the installation. But the feebs don't have the software, they want to turn Apple in to a slave to their desires that such software be created. If they are allowed to do that with Apple, then every person in the country can be conscripted against their will to do the bidding of the government no matter how much it will harm us personally.
Great post! Well organized and informative. I really enjoyed it. The only thing I would question is your statement that "corporations are people". They really aren't. I know that they are considered equivalent to people in *many* circumstances - but definitely not all. By stating simply that "corporations are people" - many people are going to walk away from your post believing it to be true.
I'm interested in your thoughts and opinions on several additional things and scenarios - and I'm playing a bit of devils advocate here. I support Apple's stance against the governments demands - but that doesn't mean that I am blind to the other side of the coin. I see many ways that the whole privacy and access to our information could play out in the future and a lot of the possibilities end in the governments favor.
I do want to ask about wiretaps - the ability of law enforcement to listen to phone calls. To the best of my understanding - some time in the past - the phone companies were ordered to provide the capability of provision a live audio feed to law enforcement (when a court order authorized the intercept). Regardless of who owns the recording device and where it is located - at one point in time - the ability to "tap" a line did not exist and somehow the phone companies were require to create it. How is that different from the core issue here - which is "does the government have the right to order a corporation or person to create something that doesn't currently exist?"
And another thing I'd love to hear your comments on with specific regards as to how they might relate to encryption - the rights of the government to control access to technology. Does the fact that unbreakable encryption exists automatically mean that everyone has the "right" to use it? Clearly it is required in order to keep our digital lives secure from criminals - but could the government not (if they wanted to) pass legislation that required a master decryption key or some other mechanism to decrypt users data when a court order states they have the right to look at it? The biggest objection to this is that the government would not be able to keep the key safe. It would be leaked and our data would be insecure. The second biggest objection is that the government would eventually use it to monitor everybody rather than to investigate criminals - which are both good points - but suppose those problems could both be solved - I don't know HOW they could be solved - but I also don't belief them to be unsolvable.
An example of government restricting the use of technology would be controlled printing technologies as well as specific types of paper - because allowing just anybody to purchase that equipment would make counterfeiting much easier and put our financial system at risk. Another example would be the enriched elements that can be used to build nuclear weapons. Purchase and possession of this materials are restricted - even though they exist. And one day - they might add "unbreakable encryption" to this list - because it poses a risk to the country. If this happens, they will still have to authorize its use - but only if the government has access to a key that allows them to decrypt it.
And one of the arguments I've seen thrown about quite liberally here is that - forcing Apple to decrypt iOS wouldn't solve anything because there are dozens of apps available with built-in encryption that Apple has no control over. That's true - but if the government is willing to go to all this effort to decrypt iOS, it's only a very small additional step to require that Apple ban from the App Store any apps that have their own built-in encryption. And another argument that can be thrown out is that - Apple would suffer a massive customer loss if they lose this case and are forced to make their phones less secure. Any legislation coming out of this case that place requirements on Apple will quickly be expanded to apply to any other smartphones sold in the US - so this is not an Apple-only issue. It affects all phones and all people on the US.
Finally - the passion with which people argue this topic - and about the repercussions of NOT having their data secure and private is somewhat amusing when you realize and acknowledge that these capabilities of unbreakable encryption have only existed for a few years. The world managed to exist for thousands of years without guaranteed privacy - but now, the claims are that if we lose it, it will spell the end of the world? How so? Not everybody even uses these features and of the ones that do - the vast majority are not using them properly! (I.e. Passcodes instead of passwords/passphrases), fingerprints - written down or easy to guess passwords, etc....
i would like to have the opportunity to keep all my information private and secure - from everybody including the government - but, if that's not possible and the government is going to legislate itself access to my data - I demand that they do so in such a way that eliminates any chance that hackers or other criminals can access my data. I'm not conceding a loss to the government at this point - but I am starting to try and envision what the future might look like if the government does eventually win.
Which of course means it's not actually searchable. Your argument -- and Elspeth's -- is that your data should be forever beyond the reach of the law, even when there is a valid search warrant and probable cause. But your data might well be evidence of criminal activity. How would feel if you were a bilked investor and this was Bernie Madoff's phone? You might see it differently.
Yes, it is. The device is searchable, and inside is found whatever exists within it. Like a safe that's been forced open only to find a pile of shredded documents that would implicate the owner of the safe in a crime, if not for being professionally shredded to the point of being unrecoverable using existing technology.
That's quite a good analogy, The maker of the shredder in your example might be considered involved in the case if they have the ability (without undue burden) to reassemble the shredded documents. It's quite possible that the DOJ would ask a judge to compel them to help under the AWA.
There are two related but different issues being discussed here. The first is whether or not the DOJ can compel a private entity to create something under the AWA. That's actually what the court fight is going to be about. I suspect they can, but the courts will have to decide.
The other, broader issue, is whether or not encryption technology means that we now have an absolute, impregnable right to secure information against a government entity acting within the accepted rule of law. Personally, I think this leads down a rabbit hole to a very dark place. Lots of people want to hide information and many of them have no criminal intent or desire to harm anyone. But there are criminals and terrorists among us. I, for one, would like these people to be caught or prevented from doing harm.
That's quite a good analogy, The maker of the shredder in your example might be considered involved in the case if they have the ability (without undue burden) to reassemble the shredded documents. It's quite possible that the DOJ would ask a judge to compel them to help under the AWA.
There are two related but different issues being discussed here. The first is whether or not the DOJ can compel a private entity to create something under the AWA. That's actually what the court fight is going to be about. I suspect they can, but the courts will have to decide.
The other, broader issue, is whether or not encryption technology means that we now have an absolute, impregnable right to secure information against a government entity acting within the accepted rule of law. Personally, I think this leads down a rabbit hole to a very dark place. Lots of people want to hide information and many of them have no criminal intent or desire to harm anyone. But there are criminals and terrorists among us. I, for one, would like these people to be caught or prevented from doing harm.
IANAL but you don't appear to be one either, since you've referred only to the All Writs Act to support your position.
Maybe you've already read this article by Susan Crawford, Harvard Law professor and former Special Assistant for Science, Technology, and Innovation Policy to President Obama.
Or this blog post (which she references) by "well-respected lawyer Albert Gidari."
As for your conclusion that the FBI requires Apple's compelled assistance for this specific iPhone because the data is encrypted, perhaps this article by Ars would provide additional information.
Suppose the court compels Apple. A month goes by and the engineers report, "I got nothin'." Another month and "Sorry, can't crack this nut." Another month and it's "I don't know where to start on this one!" How does the government force a group of programs to produce something if the programers say they don't know how to produce it?
I was suggesting that a "passive rebellious" approach that would look very much like this could be Apple's final ace up their sleeve on this.
How do you prove that they just aren't trying hard (or smart) enough?!
Because it's a very simple coding exercise that MANY people know what needs to change and how to change it. The hard part - actually the impossible part - is to digitally sign the updated code so that the iPhone will run it. Only Apple can do that - but again - it's not something that needs "cracking", it's something that they understand very well and do regularly anyways. The only thing your suggestion would accomplish is to get Apple charged with contempt. If Cook assigned an Apple Store genius to the task, Cook would be the one charged with contempt. If Cook assigned someone qualified - and that person complained they couldn't figure it out - he's the one that would be charged with contempt.
Apple Global could develop strong encryption and sell it to the rest of the world and sell a weak encryption version of iOS mandated by our government only in the US.
That is true. They just cannot create a US product and export (without some pretty big red-tape, anyway). However, a lot of other countries would just ban the strong encryption. Europe is not likely to do that as they tend to value personal privacy more highly than we currently do in the US, but Russia and China...in a heartbeat.
Strong encryption is already out there internationally. A number of different implementations.
That's quite a good analogy, The maker of the shredder in your example might be considered involved in the case if they have the ability (without undue burden) to reassemble the shredded documents. It's quite possible that the DOJ would ask a judge to compel them to help under the AWA.
There are two related but different issues being discussed here. The first is whether or not the DOJ can compel a private entity to create something under the AWA. That's actually what the court fight is going to be about. I suspect they can, but the courts will have to decide.
The other, broader issue, is whether or not encryption technology means that we now have an absolute, impregnable right to secure information against a government entity acting within the accepted rule of law. Personally, I think this leads down a rabbit hole to a very dark place. Lots of people want to hide information and many of them have no criminal intent or desire to harm anyone. But there are criminals and terrorists among us. I, for one, would like these people to be caught or prevented from doing harm.
IANAL but you don't appear to be one either, since you've referred only to the All Writs Act to support your position.
Maybe you've already read this article by Susan Crawford, Harvard Law professor and former Special Assistant for Science, Technology, and Innovation Policy to President Obama.
Or this blog post (which she references) by "well-respected lawyer Albert Gidari."
As for your conclusion that the FBI requires Apple's compelled assistance for this specific iPhone because the data is encrypted, perhaps this article by Ars would provide additional information.
Never head of "IANAL" but if it means "I Am Not A Liberal" you're totally wrong. Longtime liberal, donate to Democratic candidates, very rarely (although occasionally) support Republicans. But this has nothing to do with the issue. This is NOT a partisan debate.
Here's an excerpt from Susan Crawford's article:
CALEA was the subject of intense negotiation — a deal, in other words. The government won an extensive, specific list of wiretapping assistance requirements in connection with digital communications. But in exchange, in Section 1002 of that act, the Feds gave up authority to “require any specific design of equipment, facilities, services, features or system configurations” from any phone manufacturer. The government can’t require companies that build phones to come to it for clearance in advance of launching a new device. Nor can the authorities ask a manufacturer to design something new — like a back door — once that device is out.
This is gist of the argument in the Gidari article as well. Both mis-state the government's request. The DOJ is not demanding any software from Apple. Nor are they demanding that Apple change its distributed software in any way. They are demanding help with an ongoing investigation. No Apple software available to customers (or outside Apple in any form) will be altered to include a 'backdoor' or weakened security. They are not asking Apple to clear future software with them. And they are not asking for a new security system to be designed. The DOJ has already specified the design. They are asking Apple to implement it and then sign the code for this one phone.
The article by Ars that you cite is extremely good -- I'm very familiar with it. They come up with only one possibly viable way to get at the phone's information -- via laser etching of the CPU (they basically dismiss the other 4 proposals). But read the 'Why it might not work' caveat and you'll see why the DOJ isn't eager to pursue this:
The risk of this approach is not so much that it won't work, but that if even a tiny mistake is made, the hardware ID could be irreparably damaged, rendering the stored data permanently inaccessible.
Richard Clarke's assertion that the NSA could 'easily' crack the encryption on the phone isn't supported by any sources or technical details. Clarke hasn't had a security clearance in ages, so I doubt he knows. And he knows virtually nothing about technology anyway.
Well -- who knows? Seems like a mistake really. But the impact of this has been highly distorted. Even if they hadn't done it they still would not have been able to force an iCloud backup without a PIN because the phone was powered off. So they've taken a lot of heat for doing something stupid but it hasn't affected the outcome at all.
Never head of "IANAL" but if it means "I Am Not A Liberal" you're totally wrong. Longtime liberal, donate to Democratic candidates, very rarely (although occasionally) support Republicans. But this has nothing to do with the issue. This is NOT a partisan debate.
They are demanding help with an ongoing investigation. No Apple software available to customers (or outside Apple in any form) will be altered to include a 'backdoor' or weakened security. They are not asking Apple to clear future software with them. And they are not asking for a new security system to be designed. The DOJ has already specified the design. They are asking Apple to implement it and then sign the code for this one phone.
That's certainly how the FBI wants the court to interpret their request. This man, who has testified as an expert witness in iPhone forensics, thinks the FBI is asking for more than that. Armchair lawyering aside, there's not a lot of time left to wait.
The article by Ars that you cite is extremely good -- I'm very familiar with it. They come up with only one possibly viable way to get at the phone's information -- via laser etching of the CPU (they basically dismiss the other 4 proposals). But read the 'Why it might not work' caveat and you'll see why the DOJ isn't eager to pursue this:
The risk of this approach is not so much that it won't work, but that if even a tiny mistake is made, the hardware ID could be irreparably damaged, rendering the stored data permanently inaccessible.
I was referring more to the last technique, categorized by Ars as the "technique in particular [that] should be quite robust. "
Richard Clarke's assertion that the NSA could 'easily' crack the encryption on the phone isn't supported by any sources or technical details. Clarke hasn't had a security clearance in ages, so I doubt he knows. And he knows virtually nothing about technology anyway.
Comey knows nothing about technology either, based on his answers to congressional committee. Clarke, of course, doesn't "know", he only said that he had talked to people. I'd expect him to have better contacts than anyone on these boards, but what do I know.
Never head of "IANAL" but if it means "I Am Not A Liberal" you're totally wrong. Longtime liberal, donate to Democratic candidates, very rarely (although occasionally) support Republicans. But this has nothing to do with the issue. This is NOT a partisan debate.
IANAL: IAm Not ALawyer.
Learn something new every day. But now that I know what it means, I want to thank you! I certainly am not a lawyer -- I'm a research scientist who has built a variety of large, complex software systems over the years. Including embedded and real-time codes. Lately a few Android and iOS apps. On the technical side I'm pretty confident. On the law...not so much.
Never head of "IANAL" but if it means "I Am Not A Liberal" you're totally wrong. Longtime liberal, donate to Democratic candidates, very rarely (although occasionally) support Republicans. But this has nothing to do with the issue. This is NOT a partisan debate.
I was referring more to the last technique, categorized by Ars as the "technique in particular [that] should be quite robust. "
Ah, I dismissed that one because it amounts to very much the same fight. Ars seems to agree in their assessment:
Why it might not work Apple may very well persist in saying no, and the courts may agree.
But I agree with you that a lot of this legal speculation is pretty useless. The courts will hammer out a verdict -- then we'll all argue about that
The claim is that the FBI wanted to prevent a remote wipe of the data in the iPhone. At the time the FBI did not know if these two were working alone or with others. So changing the password to the iCloud account would prevent some one that knew the account and password from performing a remote wipe, as one would do if their iPhone was stolen or lost.
Who knows, maybe the FBI thought that since it was a government worker issued iPhone, that there was some sort of MDM in place and therefore thought they would always be able to access the data in the iPhone.
The smart thing for the FBI (or the IT dept. managing this iPhone to do was to request Apple to close the iCloud account or have Apple change the password, as there might have been a chance that Apple could determine what the old password was, before changing it. But once the IT dept. changed the password, without first consulting Apple, Apple no longer had any access to the old password.
Just to make it clear. I do not think that data in an iPhone should be out of the reach of law enforcement, but the search warrant should go to the rightful owner or user of the phone and afterwards, whomever can give access readily. This way there is no question who can unlock the phone.
And what will you do if the person won't comply? Waterboard them? Give up and say: "oh, it's ok -- you got away with it." This makes no sense at all.
Of course it makes sense. The Constitution makes it so. If the evidence against you is obtained in an illegal search, tainted or tampered with in the process of the investigation or one that involves "beating a confession out of you", then that evidence cannot be used against you. Even if you're guilty as hell but it can't be proven beyond a reasonable doubt in a court of law, without that evidence. Even law enforcement must operate in the scope of the law and Constitution, when gathering evidence against a known criminal.
OJ Simpson got a way with murder. And it makes perfect sense when you consider that all the law enforcement involved did not do their part to ensure that the evidence they got against him was obtained legally, not tampered with and kept untainted during the course of the investigation.
In SF, thousands of drug related convictions against drug dealers over several years may have to be tossed out because a crime lab tech was discovered to be a drug addict and stole drugs from the crime lab she was working at. So all the drug evidence that was verified by this crime lab has to be tossed because it may be considered tainted or have been tampered with.
Which is why you saying that this "key" that the court is ordering Apple to create can not just be use for one iPhone. Even with special UUID or Apple signing off on it. The defense has the right to examine this "key", if any evidence obtain using this "key" is used against his/her client. And one of the thing this "key" must do is be repeatable when used on other similarly locked iPhones. If it can not be used to help unlock other similarly locked iPhones, then the evidence becomes questionable and may not pass the "beyond a reasonable doubt.", that must be considered by the jury.
Which brings up the point of why Apple can not keep the "key" in their possession. Once the "key" leaves law enforcement hands, the evidence becomes questionable as the "key" could have been tampered with between when it was used to obtain an evidence and when that evidence is used in a court of law. Apple is not a certified forensic lab and can not be expected to train their employees to act as such.
The FBI and the courts are lying when they say that the 'Key" will only be used on this one iPhone and Apple can do what they want with the "key" after the data is removed from this one iPhone. The FBI (and the Justice Dept.) knows that the "key' must be repeatable on other iPhones and law enforcement must keep possession of it at all times. Otherwise any evidence they obtain using this "key" will be unusable in a court of law as it will not be, "beyond a reasonable doubt".
So you keep saying that Apple can easily program a "key" for one time use and there's no possibility of it being use on other iPhones if the "key" got out is a moot point as the FBI will always have the "key" and will be able to use it on other iPhones, with the blessing of a court order forcing Apple to sign off on it.
I was referring more to the last technique, categorized by Ars as the "technique in particular [that] should be quite robust. "
Ah, I dismissed that one because it amounts to very much the same fight. Ars seems to agree in their assessment:
But I agree with you that a lot of this legal speculation is pretty useless. The courts will hammer out a verdict -- then we'll all argue about that
Ars doesn’t agree with you, it actually says that it is highly likely that it would work with the iPhone 5c and that the risks are small. An experienced technician would almost certainly be able to do it without a problem.
As for the legal interpretation, your arguments make no sense. Even the DOJ who’s throwing everything but the kitchen sink against CALEA, doesn’t say that. The DOJ argument is that it is not making “any specific design” demand, which also makes no sense, among other things. The DOJ/FBI is demanding software from Apple with certain specifications, it doesn’t matter if it is distributed or not, CALEA prohibits Law Enforcement from making any demands in the first place on features, configurations, etc.
However there are still questions as to how CALEA applies in this case, but a Federal Judge in New York has already argued that CALEA could be applicable in something like this and defends that the government can’t demand Apple to assist. Considering that the government is demanding even more in this case…
Well -- who knows? Seems like a mistake really. But the impact of this has been highly distorted. Even if they hadn't done it they still would not have been able to force an iCloud backup without a PIN because the phone was powered off. So they've taken a lot of heat for doing something stupid but it hasn't affected the outcome at all.
I can't find the article now - but I definitely read something that said they had discovered that the user himself had changed the password about a week before he died and that he hadn't run a backup after the password change so that the FBI ordered password change had no effect anyhow... And the most valuable information likely to be on the phone is not part of the backup anyhow...
Though I hope that there is no GovtOS, would these employees be charged with "Contempt of Court"?
Apparently Congress is working on some new encryption law. So that "Contempt of Court" charges in these unlock/criminal/terrorist Legal cases concerning corporations has some clout. Refusal to comply will result in daily fines against the company for sure and possibly an admin may be jailed at some point. Seems it has bipartisan support in congress and if passed soon enough could even be used in this case. The only contested points in the law now seems to be fine amounts and whether a company admin can be jailed or not. In several EU states this admin jailing for corporate contempt charges has already been made law.
For the source code and keys Govt does apparently have legal standing. I just forgot what court case was cited as precedent setting. But it seems to me that'd be a whole different can of worms and kind of puts Apple between a rock and a hard place. Also.... in the case of a court order like this, refusing to comply by corporations will be a crime as either a "Contempt of Court" charge or "Obstruction of Justice". At this point it's not clear which..... but I don't think threat of employees quitting is going to save anyone or Apple now!
Also keep in mind Govt has requested some kind of inquiry for sides to present expert witnesses in support either fore or against Apple's request to drop this request. Looks like Apple is having a department head testify. Govt has some legal expert coming in..... not sure who or from where. Stage is set for tomorrow for the court to deliver it's verdict on Apple's request though.
Though I hope that there is no GovtOS, would these employees be charged with "Contempt of Court"?
Certainly not if they decide to quit before the actual final ruling. Even after the ruling, they could probably challenge it in court, with the equivalent of the argument of (as the NYT article points out) "you can't force a doctor to administer a lethal injection."
But any such attempt by US courts to get into the entrails of Apple's operations would be a breathtaking intervention by the government in the business of business.
The US government is worried about corporations leaving the country because of tax inversions? Wait till something like this happens: they ain't seen nothin' yet. Some of America's (and the world's) greatest companies will have the incentive to shut shop and leave, or even worse, US companies like Apple and Google simply won't create this kind of IP within its legal shores: it'll move to places like Ireland, India, and Israel.
I don't see how any employees threatening to quit will keep daily corporate fines from being levied. I've read about a case where a company was compelled to comply, because would eventually bankrupt them. No easy answer and the larger issue will be if this new encryption fines law..... goes into effect, will admin be jailed for contempt charges?
Now as to corporations leaving America? Come on do you really think a company the size of Apple would just pick up and leave....... when they are spending billions on new headquarters here? If Donald Trump sticks to his original plan if elected..... presented decades ago, in an expert witness appearance before congress in 1988 or 1991 (not sure but video in on YouTube), he's saying he has a plan to allow corporations to bring back a form of corporate tax shelter (like Beefalo Tax Shelter of 70's to 80's). Basically it would be a Reward System for investing that money in technology advancement, construction projects and things that bring jobs back to America.
So it would seems they'd get a two to five times write off the first year and that write off would then drop incrementally lower there after. Supposed to invigorate our economy. FTZ (foreign trade zones tax incentives) would also be offered to companies based in the USA. While anything produced outside the USA, would incur dramatically higher tariffs at some point.
If America is serious about building our economy, we'd be willing to compete directly with Ireland, Netherlands, Switzerland, Singapore, etc on offering our own tax shelters to foreign based companies too. If you hate Trump now, over his big mouth against Apple, just remember he's a businessman and also former actor like Reagan with a Mensa Level IQ. It's all about the show and dramatic effects. He doesn't really hate Apple and in fact could end up being their best friend! ......but if he can convince voters he does, they'll more easily accept a new corporate tax structure that rewards corporations for bringing their money home and investing it here tax free!!!
Comments
I'm interested in your thoughts and opinions on several additional things and scenarios - and I'm playing a bit of devils advocate here. I support Apple's stance against the governments demands - but that doesn't mean that I am blind to the other side of the coin. I see many ways that the whole privacy and access to our information could play out in the future and a lot of the possibilities end in the governments favor.
I do want to ask about wiretaps - the ability of law enforcement to listen to phone calls. To the best of my understanding - some time in the past - the phone companies were ordered to provide the capability of provision a live audio feed to law enforcement (when a court order authorized the intercept). Regardless of who owns the recording device and where it is located - at one point in time - the ability to "tap" a line did not exist and somehow the phone companies were require to create it. How is that different from the core issue here - which is "does the government have the right to order a corporation or person to create something that doesn't currently exist?"
And another thing I'd love to hear your comments on with specific regards as to how they might relate to encryption - the rights of the government to control access to technology. Does the fact that unbreakable encryption exists automatically mean that everyone has the "right" to use it? Clearly it is required in order to keep our digital lives secure from criminals - but could the government not (if they wanted to) pass legislation that required a master decryption key or some other mechanism to decrypt users data when a court order states they have the right to look at it? The biggest objection to this is that the government would not be able to keep the key safe. It would be leaked and our data would be insecure. The second biggest objection is that the government would eventually use it to monitor everybody rather than to investigate criminals - which are both good points - but suppose those problems could both be solved - I don't know HOW they could be solved - but I also don't belief them to be unsolvable.
An example of government restricting the use of technology would be controlled printing technologies as well as specific types of paper - because allowing just anybody to purchase that equipment would make counterfeiting much easier and put our financial system at risk. Another example would be the enriched elements that can be used to build nuclear weapons. Purchase and possession of this materials are restricted - even though they exist. And one day - they might add "unbreakable encryption" to this list - because it poses a risk to the country. If this happens, they will still have to authorize its use - but only if the government has access to a key that allows them to decrypt it.
And one of the arguments I've seen thrown about quite liberally here is that - forcing Apple to decrypt iOS wouldn't solve anything because there are dozens of apps available with built-in encryption that Apple has no control over. That's true - but if the government is willing to go to all this effort to decrypt iOS, it's only a very small additional step to require that Apple ban from the App Store any apps that have their own built-in encryption. And another argument that can be thrown out is that - Apple would suffer a massive customer loss if they lose this case and are forced to make their phones less secure. Any legislation coming out of this case that place requirements on Apple will quickly be expanded to apply to any other smartphones sold in the US - so this is not an Apple-only issue. It affects all phones and all people on the US.
Finally - the passion with which people argue this topic - and about the repercussions of NOT having their data secure and private is somewhat amusing when you realize and acknowledge that these capabilities of unbreakable encryption have only existed for a few years. The world managed to exist for thousands of years without guaranteed privacy - but now, the claims are that if we lose it, it will spell
the end of the world? How so? Not everybody even uses these features and of the ones that do - the vast majority are not using them properly! (I.e. Passcodes instead of passwords/passphrases), fingerprints - written down or easy to guess passwords, etc....
i would like to have the opportunity to keep all my information private and secure - from everybody including the government - but, if that's not possible and the government is going to legislate itself access to my data - I demand that they do so in such a way that eliminates any chance that hackers or other criminals can access my data. I'm not conceding a loss to the government at this point - but I am starting to try and envision what the future might look like if the government does eventually win.
There are two related but different issues being discussed here. The first is whether or not the DOJ can compel a private entity to create something under the AWA. That's actually what the court fight is going to be about. I suspect they can, but the courts will have to decide.
The other, broader issue, is whether or not encryption technology means that we now have an absolute, impregnable right to secure information against a government entity acting within the accepted rule of law. Personally, I think this leads down a rabbit hole to a very dark place. Lots of people want to hide information and many of them have no criminal intent or desire to harm anyone. But there are criminals and terrorists among us. I, for one, would like these people to be caught or prevented from doing harm.
Maybe you've already read this article by Susan Crawford, Harvard Law professor and former Special Assistant for Science, Technology, and Innovation Policy to President Obama.
Or this blog post (which she references) by "well-respected lawyer Albert Gidari."
As for your conclusion that the FBI requires Apple's compelled assistance for this specific iPhone because the data is encrypted, perhaps this article by Ars would provide additional information.
Or this interview given by Richard Clark, former senior counterterrorism official in the U.S. government.
Or this blog post (which she references) by "well-respected lawyer Albert Gidari."
genius to the task, Cook would be the one charged with contempt. If Cook assigned someone qualified - and that person complained they couldn't figure it out - he's the one that would be charged with contempt.
Here's an excerpt from Susan Crawford's article:
CALEA was the subject of intense negotiation — a deal, in other words. The government won an extensive, specific list of wiretapping assistance requirements in connection with digital communications. But in exchange, in Section 1002 of that act, the Feds gave up authority to “require any specific design of equipment, facilities, services, features or system configurations” from any phone manufacturer. The government can’t require companies that build phones to come to it for clearance in advance of launching a new device. Nor can the authorities ask a manufacturer to design something new — like a back door — once that device is out.
This is gist of the argument in the Gidari article as well. Both mis-state the government's request. The DOJ is not demanding any software from Apple. Nor are they demanding that Apple change its distributed software in any way. They are demanding help with an ongoing investigation. No Apple software available to customers (or outside Apple in any form) will be altered to include a 'backdoor' or weakened security. They are not asking Apple to clear future software with them. And they are not asking for a new security system to be designed. The DOJ has already specified the design. They are asking Apple to implement it and then sign the code for this one phone.
The article by Ars that you cite is extremely good -- I'm very familiar with it. They come up with only one possibly viable way to get at the phone's information -- via laser etching of the CPU (they basically dismiss the other 4 proposals). But read the 'Why it might not work' caveat and you'll see why the DOJ isn't eager to pursue this:
The risk of this approach is not so much that it won't work, but that if even a tiny mistake is made, the hardware ID could be irreparably damaged, rendering the stored data permanently inaccessible.
Richard Clarke's assertion that the NSA could 'easily' crack the encryption on the phone isn't supported by any sources or technical details. Clarke hasn't had a security clearance in ages, so I doubt he knows. And he knows virtually nothing about technology anyway.
Well -- who knows? Seems like a mistake really. But the impact of this has been highly distorted. Even if they hadn't done it they still would not have been able to force an iCloud backup without a PIN because the phone was powered off. So they've taken a lot of heat for doing something stupid but it hasn't affected the outcome at all.
IANAL: I Am Not A Lawyer.
My tendency is to side with 2 independent lawyers reading over an AI poster.
That's certainly how the FBI wants the court to interpret their request. This man, who has testified as an expert witness in iPhone forensics, thinks the FBI is asking for more than that. Armchair lawyering aside, there's not a lot of time left to wait.
I was referring more to the last technique, categorized by Ars as the "technique in particular [that] should be quite robust. "
Comey knows nothing about technology either, based on his answers to congressional committee. Clarke, of course, doesn't "know", he only said that he had talked to people. I'd expect him to have better contacts than anyone on these boards, but what do I know.
Ah, I dismissed that one because it amounts to very much the same fight. Ars seems to agree in their assessment:
But I agree with you that a lot of this legal speculation is pretty useless. The courts will hammer out a verdict -- then we'll all argue about that
Who knows, maybe the FBI thought that since it was a government worker issued iPhone, that there was some sort of MDM in place and therefore thought they would always be able to access the data in the iPhone.
The smart thing for the FBI (or the IT dept. managing this iPhone to do was to request Apple to close the iCloud account or have Apple change the password, as there might have been a chance that Apple could determine what the old password was, before changing it. But once the IT dept. changed the password, without first consulting
Apple, Apple no longer had any access to the old password.
Of course it makes sense. The Constitution makes it so. If the evidence against you is obtained in an illegal search, tainted or tampered with in the process of the investigation or one that involves "beating a confession out of you", then that evidence cannot be used against you. Even if you're guilty as hell but it can't be proven beyond a reasonable doubt in a court of law, without that evidence. Even law enforcement must operate in the scope of the law and Constitution, when gathering evidence against a known criminal.
OJ Simpson got a way with murder. And it makes perfect sense when you consider that all the law enforcement involved did not do their part to ensure that the evidence they got against him was obtained legally, not tampered with and kept untainted during the course of the investigation.
In SF, thousands of drug related convictions against drug dealers over several years may have to be tossed out because a crime lab tech was discovered to be a drug addict and stole drugs from the crime lab she was working at. So all the drug evidence that was verified by this crime lab has to be tossed because it may be considered tainted or have been tampered with.
Which is why you saying that this "key" that the court is ordering Apple to create can not just be use for one iPhone. Even with special UUID or Apple signing off on it. The defense has the right to examine this "key", if any evidence obtain using this "key" is used against his/her client. And one of the thing this "key" must do is be repeatable when used on other similarly locked iPhones. If it can not be used to help unlock other similarly locked iPhones, then the evidence becomes questionable and may not pass the "beyond a reasonable doubt.", that must be considered by the jury.
Which brings up the point of why Apple can not keep the "key" in their possession. Once the "key" leaves law enforcement hands, the evidence becomes questionable as the "key" could have been tampered with between when it was used to obtain an evidence and when that evidence is used in a court of law. Apple is not a certified forensic lab and can not be expected to train their employees to act as such.
The FBI and the courts are lying when they say that the 'Key" will only be used on this one iPhone and Apple can do what they want with the "key" after the data is removed from this one iPhone. The FBI (and the Justice Dept.) knows that the "key' must be repeatable on other iPhones and law enforcement must keep possession of it at all times. Otherwise any evidence they obtain using this "key" will be unusable in a court of law as it will not be, "beyond a reasonable doubt".
So you keep saying that Apple can easily program a "key" for one time use and there's no possibility of it being use on other iPhones if the "key" got out is a moot point as the FBI will always have the "key" and will be able to use it on other iPhones, with the blessing of a court order forcing Apple to sign off on it.
Ars doesn’t agree with you, it actually says that it is highly likely that it would work with the iPhone 5c and that the risks are small. An experienced technician would almost certainly be able to do it without a problem.
As for the legal interpretation, your arguments make no sense. Even the DOJ who’s throwing everything but the kitchen sink against CALEA, doesn’t say that. The DOJ argument is that it is not making “any specific design” demand, which also makes no sense, among other things. The DOJ/FBI is demanding software from Apple with certain specifications, it doesn’t matter if it is distributed or not, CALEA prohibits Law Enforcement from making any demands in the first place on features, configurations, etc.
However there are still questions as to how CALEA applies in this case, but a Federal Judge in New York has already argued that CALEA could be applicable in something like this and defends that the government can’t demand Apple to assist. Considering that the government is demanding even more in this case…
For the source code and keys Govt does apparently have legal standing. I just forgot what court case was cited as precedent setting. But it seems to me that'd be a whole different can of worms and kind of puts Apple between a rock and a hard place. Also.... in the case of a court order like this, refusing to comply by corporations will be a crime as either a "Contempt of Court" charge or "Obstruction of Justice". At this point it's not clear which..... but I don't think threat of employees quitting is going to save anyone or Apple now!
Also keep in mind Govt has requested some kind of inquiry for sides to present expert witnesses in support either fore or against Apple's request to drop this request. Looks like Apple is having a department head testify. Govt has some legal expert coming in..... not sure who or from where. Stage is set for tomorrow for the court to deliver it's verdict on Apple's request though.
I don't see how any employees threatening to quit will keep daily corporate fines from being levied. I've read about a case where a company was compelled to comply, because would eventually bankrupt them. No easy answer and the larger issue will be if this new encryption fines law..... goes into effect, will admin be jailed for contempt charges?
Now as to corporations leaving America? Come on do you really think a company the size of Apple would just pick up and leave....... when they are spending billions on new headquarters here? If Donald Trump sticks to his original plan if elected..... presented decades ago, in an expert witness appearance before congress in 1988 or 1991 (not sure but video in on YouTube), he's saying he has a plan to allow corporations to bring back a form of corporate tax shelter (like Beefalo Tax Shelter of 70's to 80's). Basically it would be a Reward System for investing that money in technology advancement, construction projects and things that bring jobs back to America.
So it would seems they'd get a two to five times write off the first year and that write off would then drop incrementally lower there after. Supposed to invigorate our economy. FTZ (foreign trade zones tax incentives) would also be offered to companies based in the USA. While anything produced outside the USA, would incur dramatically higher tariffs at some point.
If America is serious about building our economy, we'd be willing to compete directly with Ireland, Netherlands, Switzerland, Singapore, etc on offering our own tax shelters to foreign based companies too. If you hate Trump now, over his big mouth against Apple, just remember he's a businessman and also former actor like Reagan with a Mensa Level IQ. It's all about the show and dramatic effects. He doesn't really hate Apple and in fact could end up being their best friend! ......but if he can convince voters he does, they'll more easily accept a new corporate tax structure that rewards corporations for bringing their money home and investing it here tax free!!!