Final Score — Apple: 1, FBI: 1
NPR just reported that the FBI was able to successfully extract data from the San Bernardino shooter’s work iPhone, without any assistance…
NPR just reported that the FBI was able to successfully extract data from the San Bernardino shooter’s work iPhone, without any assistance from Apple. There are a couple ways we can look at this.
First, it shows that the FBI can and will exaggerate, distort the facts, and demonize dissenters in the process of investigating and prosecuting its cases. When law enforcement officials make extraordinary claims, it’s worth remembering that those claims should be met with heightened scrutiny — as they were in this case. And lo and behold, it turns out that the FBI’s hyperbole regarding Apple’s role in this case was unwarranted.
Second, Apple has achieved a significant victory in favor of “lawful privacy.” It’s actually a little bit unfortunate that they were unable to fully litigate their stance here, because Apple made some extremely persuasive arguments that existing legislation prevents the government from compelling companies to weaken or break their encryption. So, in the court of public opinion at least, Apple won this battle.
Third, the fact that the FBI used an unknown exploit to access the data on the iPhone actually has significant impact on their ability to do so in the future. Collectively, we’ve just agreed as a nation that “it’s ok for law enforcement to hack our devices, they just can’t require intentional backdoors to be built into them.”
My current thinking is that this probably comes closer to our real-world privacy expectations than other configurations. For example, with a warrant, law enforcement is allowed to break down your door, but we don’t give the FBI a skeleton key into every house in the US. Obviously there are ways this could go horribly wrong. I don’t think it’s good for the US government incentivize or create a stockpile of exploits for law enforcement purposes, since those can and will be misused.
Personally, I’d be ok with knowing that law enforcement could hack my device if they’d be required to turn the exploit over to the manufacturer after a period of time. In the old days, surveillance was limited and targeted because the manpower just wasn’t there to surveil everyone all the time. Making the FBI use its hacking power judiciously is a mechanism for ensuring that the average person’s privacy and security can’t be indiscriminately violated.
Ultimately, I think law enforcement investigations should be at least somewhat difficult. Taking away someone’s freedom or life isn’t something to be done lightly. Putting constraints on that ability helps ensure that major crimes get investigated, while making sure that people don’t spend the rest of their lives in jail over a speeding ticket.
At any rate, I think both Apple and the FBI gained a little bit in this case, and maybe that’s a good direction for the conversation to take: talking less about balancing privacy and security (they’re not mutually exclusive), and talking more about nuanced win-win scenarios that keep us safe while still meaningfully protecting individual privacy.