“U.S. judge on Monday expressed strong doubts that he had the legal authority to order Apple Inc to access data on a locked iPhone that was seized as part of a federal investigation,” Brendan Pierson reports for Reuters. “‘What you’re asking them to do is do work for you,’ U.S. Magistrate Judge James Orenstein told government attorneys at a hearing in Brooklyn federal court.”
“Saritha Komatireddy, arguing for the government, said the order it sought would essentially be the same as ordering Apple to turn over information,” Pierson reports. “But Orenstein said the request went further than that. He instead compared the order the government sought to one compelling a drug company to make a lethal injection drug over its conscientious objection, asking Komatireddy whether he would have the authority to do that. Komatireddy asked to respond in writing, adding that ‘the hypothetical is somewhat inflammatory.’ ‘Purposefully so,’ Orenstein responded.”
“Komatireddy also questioned whether unlocking the phone would really be a burden for Apple, noting the company ‘has been doing this for years without any objection.’ Orenstein later pressed Apple’s lawyer, Marc Zwillinger, to explain the company’s change of heart,” Pierson reports. “Zwillinger said the company had become more concerned about customer data in light of recent high-profile data breaches. ‘Right now Apple is aware that customer data is under siege from a variety of different directions,’ he said.”
Read more in the full article here.
MacDailyNews Take: As we wrote last month:
Because the U.S. government spooks trampled all over the U.S. Constitution, constantly demanding that Apple grant access to customers devices, Apple decided to remove themselves for the equation. And so, the government reaps what it hath sown. We guess law enforcement will have to get off their asses and do some old-fashioned leg work if they want to crack cases.
US DOJ claims Apple lacks legal standing to refuse iPhone unlock order – October 23, 2015
Apple tells U.S. judge it can’t unlock iPhones running iOS 8 or higher – October 20, 2015
a href=”http://macdailynews.com/2015/10/20/apple-ceo-cook-defends-encryption-opposes-back-door-for-government-spies/”>Apple CEO Cook defends encryption, opposes back door for government spies – October 20, 2015
With Apple court order, activist federal judge seeks to fuel debate about data encryption – October 12, 2015
Judge declines to order Apple to disable security on device seized by U.S. government – October 10, 2015
Apple refused to give iMessages to the U.S. government – September 8, 2015
Obama administration war against Apple just got uglier – July 31, 2015
Edward Snowden: Apple is a privacy pioneer – June 5, 2015
U.S. Senate blocks measures to extend so-called Patriot Act; NSA’s bulk collection of phone records in jeopardy – May 23, 2015
Rand Paul commandeers U.S. Senate to protest so-called Patriot Act, government intrusion on Americans’ privacy – May 20, 2015
Apple, others urge Obama to reject any proposal for smartphone backdoors – May 19, 2015
U.S. appeals court rules NSA bulk collection of phone data illegal – May 7, 2015
In open letter to Obama, Apple, Google, others urge Patriot Act not be renewed – March 26, 2015
Apple’s iOS encryption has ‘petrified’ the U.S. administration, governments around the world – March 19, 2015
I for one am very proud of Apple’s stance here. The level of our governments over reach here is stunning and a might scary.
“I love my country but I fear my government”
Just a friendly note of caution: Love people. Be careful loving a concept – too often that can lead to hurting the actual people.
Apple is not choosing not to unlock. They technically can _not_ unlock. And there’s no way to “break the door down” as would be done in the real world.
I think the discussion here is not about post- iOS8. It is specifically about an older iPhone, running iOS 7, for which Apple has the ability, tools and skills to decrypt the device and access some user data.
Apple (and this judge) are arguing that the request to do exactly that is too onerous.
I’ll do it. Send it to me. I’ll charge the government $200/hour (reasonable for them – more so than Bromwhich!) and work day and night on it. I’ll invoice weekly, and they can tell me when to stop.
$200/hour is way too cheap…especially in light of Bromwich.
$100K/hour, with a 100 hour minimum for each member of a 10 person team.
I would like to volunteer, and I can multitask, so you can pay me double.
You mean, you will work on it. Don’t make any guarantees you’ll succeed. Have a lawyer write up a nice disclaimer for you. Maybe you could start a whole security industry that scams the government out of taxpayer money.
Wait. Damn – the military industrial complex already pulled that one.
Produce a warrant signed by a judge like any other search/seizure warrant and I’m fine with the whole process. (And not some star chamber, secret warrant which no one knows about till a decade after the fact.)
Otherwise, go away.
According to the article, apparently such a warrant has been issued.
It’s not as simple as turning a key. Apple purposely put the keys into the users’ hands (at least for iOS 8+).
A warrant is a request for information or objects. They are forcing Apple to perform a service for them. That’s a pretty significant difference. This is asking the company who made the safe to break into it because you think something interesting is inside.
Perhaps MDN has some special information, but my experience from 40 years involved with the criminal justice system in one capacity or another is that “old-fashioned leg work” typically involves three key steps (the first two of which were pursued energetically and properly in this case):
(1) “Getting off your ass” and running around collecting all the information you can without conducting any arrests, searches, or seizures. If you are successful at this stage, you may have established probable cause that a particular person has committed a crime and/or that admissible evidence of that may be found at a particular place. Sometimes you can’t even do that, and the offender walks. Even more rarely, you can find enough evidence without a search to establish guilt beyond a reasonable doubt prior to making an arrest.
(2) You take the evidence you have developed (which may include hearsay and other reliable but inadmissible evidence) and set it out in a sworn affidavit. You take that to a neutral and impartial magistrate who independently determines whether probable cause exists for a search or seizure. In doing so, the judge balances the public interest in safety against the individual interest in privacy. The U.S. (and state) Bill of Rights demands that both interests be considered before determining that a particular arrest, search, or seizure is reasonable. If he decides against you, you can only try again or give up. Obviously, if there is insufficient probable cause showing guilt, there is no chance of proving guilt beyond a reasonable doubt.
(3) If you can persuade the magistrate to issue a warrant, you execute it. Then you examine the evidence you have seized and/or question the suspect you have arrested. Either you will find enough admissible evidence (or facts leading to admissible evidence) to prove guilt, or you won’t. For the first 200+ years of our nation’s history, any time an officer seized admissible evidence pursuant to a warrant, it became available for use in court, as did all other evidence obtained as the fruits of a lawful arrest, search, or seizure. This evidence could be shown to a judge and/or jury, which determined whether it proved guilt beyond a reasonable doubt.
See the problem? No matter how much “old-fashioned leg work” an officer may do after he “gets off his ass,” he (like the DOJ in this case) cannot get past Step 2 unless the existing evidence of a crime that is lawfully seized pursuant to a judicial warrant can be produced in some accessible way in a courtroom.
Until recently, most such evidence was kept on paper or in physical images (photos, drawings, diagrams, etc). Once the police executed their search and confronted the suspect with the bad news, he would cop a plea. Finding that evidence is what “old-fashioned leg work” was all about.
Thanks to encryption, much of the evidence of crime that can be lawfully seized nowadays is nonetheless unavailable at trial. It sits on a digital device or on a storage medium that cannot be cracked without the cooperation of the defendant… who has absolutely no incentive to cooperate instead of asserting his right against self-incrimination.
Perhaps the NSA has the resources to crack the encryption if the case is big enough (though perhaps not in a reasonable time). That hardly matters, since most local, state, and federal law enforcement agencies could not begin to marshal the resources necessary to tackle encryption in the thousands of cases they handle every year where documentary evidence of some sort is the essence of their case.
Example 1: You cannot convict someone of a financial crime unless you can prove beyond a reasonable doubt that he knowingly or intentionally took somebody’s money. You cannot do that, no matter how much “old-fashioned leg work” you do, if you cannot show a jury any evidence of the crime (typically correspondence and financial records). Rolling an encrypted server into the courtroom and alleging that it contains that evidence is not going to do it. If somebody is bright enough to commit one of these crimes, he is bright enough to cover his tracks, now that nearly unbreakable encryption is available to every hood on a street corner.
Example 2: Criminal organizations, from street gangs on up, are most often disrupted by prosecutions for conspiracy or organized criminal activity. Proving that beyond a reasonable doubt requires providing the jury with proof of the communications between gang members. That proof used to be obtained by finding notes pursuant to a search warrant or by lawfully tapping an analog landline. Nowadays, even the soldiers know enough to use exclusively digital means of communication and to keep their devices encrypted.
Example 3: You cannot convict someone of having child pornography unless he gives you the password or is stupid enough to print out the images sitting on his secure device. As Playboy Magazine has discovered, there is no market for hard-copy erotica; it is all digital. This is not a victimless crime, but a financial driver for human trafficking around the world. If MDN really believes that “Think About the Children” is just a ploy, they should be willing to let their kids take an unsupervised walk through Bangkok.
I am not trying to justify the abuse by the NSA, GCHQ, and so forth. I am not suggesting that Apple or anyone else should open their hardware or software to hackers by creating back doors. I am simply suggesting that the gains to individual privacy that have come from secure encryption have come at a very real cost to public safety. Yes, the police and prosecutors are getting frustrated, but it is not because they are lazy but because technology has fundamentally altered the playing field. It has made things easier for criminals and other bad guys to get away with hurting innocent victims. It does not further our public debate for anyone to stick their head in the sand and suggest that pre-digital “leg work” is going to be effective in a digital world.
Perhaps law enforcement should have considered some of your points when they decided to run roughshod over the rights of people and to consistently break the law and deny people their constitutional rights. Shall we move on to their little habit of shooting unarmed people using the absurd equivalent of a “stand your ground defense”? And that a defense that law enforcement, almost universally, is adamantly against as a justification for shootings.
I’m glad you pushed back on this. It is so fashionable to be anti-law-enforcement, whether it be cops, prosecutor, judges or the penal system.
Sure, it’s not hard to find examples of overreach, abuse of power, and corruption, but those are highly publicized aberrations that can and should be dealt with independent of blanket condemnation of law enforcement. Crime is real, and corrosive to communities and society at large.
I understand Apples stand. They want to be on the side of privacy, and they don’t want to appear to be in bed with the “pigs”, as some would see it. But I caution, as do you, that people take a step back and really consider how truly bad your daily lives could become if people that live outside the laws can no longer be taken off the street via our court system because all incriminating evidence is locked behind encryption.
An encrypted cell phone is no different than a locked safe. No one gives a second thought to a court order approving the opening of that safe by a third party, and safe manufacturers will aid in this when asked. Ultimately there WILL be a government agency set up (like an NSA) to where encrypted phones will be cracked. It inevitable because the alternative is rampant crime that cannot be stopped, especially financial crimes where there is no physical evidence; it’s all digital.
As MDN points out, Apple has already taken steps to remove themselves from the equation with their new phones and iOS. If they are to be believed, they no longer have the ability to decrypt new iPhones. I really don’t know enough about the specifics in the case that brought this topic up, but I am glad to see a judge clearly weighing the merits of both sides. I will be content with whichever way the ruling comes down.
And a key point to this is that the assistance provided by a private (third) party is that said assistance results in them being compensated (financially) by Law Enforcement.
Point being that even if there aren’t philosophical concerns, there is still the question of how much time/money is reasonable to expect a business to spend while endeavoring to assist law enforcement.
Consider the following: would we still consider it to be effectively “expected” of a business to give a complimentary cold drink to a pair of officers walking a beat on a hot day? Yeah, probably.
But how about not only a free drink but also a free meal … and instead of on a rare occasion, it is what becomes expected of the shop keeper while they patrol their beat every day?
So just where did the line get crossed?
I agree that anyone that performs a service for the government (the people) should be compensated for their time and skill. Apple is no different. Didn’t mean to imply that Apple should provide their expertise gratis.
THANK YOU APPLE!
We The People RULE our government,
NOT the other way around.
Deal with it.