Tuesday 1 March 2016

Apple and the FBI some thoughts and judgement pre Farook decision

The Apple FBI saga

The disagreement over Apple and the FBI has become a microcosm of the world of cyber and digital crime. Warranty can secure access to homes, cars planes and any premise or item. However the encryption coding on the iPhone, that is loved by many, seems to be at the limit of the privacy issue, and not just because of encryption.

Cyber investigators have mixed views ranging from fully supporting Apple’s right to say no, through to a total distrust of the state to protect its citizens from digital theft. The role of private organisations and businesses to support and deliver security or evidence on behalf of the state seems an unreasonable one to many.

Understanding what has actually happened legally is also a concern as the media is either misunderstanding the application made by the FBI or is “bigging” up Apple’s response.

Either way the legal process will ensue as Apple appeals the FBI bid. Added to that are side issues such as whether the password for the San Bernardino shooter's iCloud account (Farook) associated with his iPhone was reset hours after authorities took possession of the device, was this an error or a deliberate ploy.  

Some questions already posed.

1.      Is Apple right to stand its ground, balancing personal security and privacy against national security?

There is also an issue about product confidence and the concern that the US is not the only country where iPhones sell. Its approach is to appeal and use its legal route first. This will take time.The below unrelated case gives support to Apple's view

2.      What are the long-term implications?

If the appeal fails then the FBI will secure what it is after, an ability to keep trying to crack the encryption without the iPhone losing data. The question is whether this will stop Apple’s encryption and create a back door for the FBI/Police. If they do, there is considerable fear it will be copied by other countries or organisations rendering the security of the iPhone useless.

3.      Since so much consumer trust is invested in how we use our phones for the most data sensitive of operations amongst commerce, mobile money and banking etc will this move compromise that trust?

If Apple are forced to create a back door it will reduce consumer confidence in the product on the basis that the techniques are likely to be copied or replicated elsewhere. Currently the Passcode is part of an encryption that cannot be broken

4.      If the government is effectively asking for a back door key, how secure would that process be? Through human carelessness or leaking could the key be compromised?

Industry doesn’t have a strong sense that the state could protect the “key”. And there are examples to support that view. What if those with access are compromised or neglectful? Apple has well-reasoned arguments to consider the ability of any state to hold that access “key”

However A judgement came yesterday in a not related case which doesnt have binding precedence over the Farook case but contains some some really helpful comments within the 50 page report

A good summary is found below, particularly the call for Legislators to deal with the fast changing technological developments

"In deciding this motion, I offer no opinion as to whether, in the circumstances of this case or others, the government's legitimate interest in ensuring that no door is too strong to resist lawful entry should prevail against the equally legitimate societal interests arrayed against it here. Those competing values extend beyond the individual's interest in vindicating reasonable expectations of privacy – which is not directly implicated where, as here, it must give way to the mandate of a lawful warrant. They include the commercial interest in conducting a lawful business as its owners deem most productive, free of potentially harmful government intrusion; and the far more fundamental and universal interest – important to individuals as a matter of safety, to businesses as a matter of competitive fairness, and to society as a whole as a matter of national security – in shielding sensitive electronically stored data from the myriad harms, great and small, that unauthorized access and misuse can cause. 

How best to balance those interests is a matter of critical importance to our society, and the need for an answer becomes more pressing daily, as the tide of technological advance flows ever farther past the boundaries of what seemed possible even a few decades ago. But that debate must happen today, and it must take place among legislators who are equipped to consider the technological and cultural realities of a world their predecessors could not begin to conceive. It would betray our constitutional heritage and our people's claim to democratic governance for a judge to pretend that our Founders already had that debate, and ended it, in 1789."

This is the full judgement passed yesterday re the FBI and Apple case in Brooklyn. It will be interesting to see how this is regarded in the main Farook case

Judgement Apple and FBI

Popular Posts in last 7 Days