The question of security backdoors and phone hacking looms large again. This time, U.S. Attorney General William Barr is asking Apple to unlock the phone of the alleged shooter who killed three people in Pensacola, Florida, The New York Times reported. — and Apple continues to push back against the government’s requests.
“We reject the characterization that Apple has not provided substantive assistance in the Pensacola investigation. Our responses to their many requests since the attack have been timely, thorough and are ongoing,” the company said in a statement. “We responded to each request promptly, often within hours, sharing information with FBI offices in Jacksonville, Pensacola and New York. The queries resulted in many gigabytes of information that we turned over to investigators. In every instance, we responded with all of the information that we had.”
The company maintains that there is no such thing as a backdoor; opening a portal for the government would mean providing a means for criminals and wrong-doers to hack in as well, Apple argues.
If this sounds familiar, it’s because we’ve heard it before. In 2016, Apple refused a court order to remotely unlock the phone of one of the San Bernardino shooters, a terrorist attack that killed 14 people. The FBI ended up paying a private Israeli firm Cellebrite nearly $1 million to unlock the phone. The exact number has never been disclosed, but the debate over privacy versus access is likely to gear up again with this latest request.
Since the San Bernardino debate, law enforcement and tech companies have locked horns again and again over the question of security backdoors, including late in 2019 when high-ranking law enforcement officials from the U.S., Australia, and Great Britain sent a letter to Facebook asking CEO Mark Zuckerberg to not go forward with plans to encrypt the Messenger app, arguing that it was essential that a backdoor be left accessible to law enforcement.
Facebook’s response was in line with Apple’s 2016 answer: Nope. Their reasoning was simple — there is no such thing as a backdoor when it comes to encryption.
A spokesperson for the Electronic Frontier Foundation told Digital Trends at the time of the letter, “We’re glad to see Facebook standing up for privacy and security. The [Department of Justice]’s request is a staggering attempt to undermine the security and privacy of communications tools used by billions of people. As we told Facebook in urging it to resist, each day that platforms do not support strong end-to-end security is another day that this data can be breached, mishandled, or otherwise obtained by powerful entities or rogue actors to exploit it.”
“Our strong view is that the type backdoor, or golden key, it’s impossible that it will only be used by good actors and not by bad actors,” said Hannah Quay-de la Vallee, at Senior Technologist at the Center for Democracy and Technology. “It introduces a security vulnerability. Encryption is one of the strongest, most reliable security technologies we have, and messing with it will fundamentally weaken a foundational element.”
On December 10, the U.S. Senate Judiciary Committee held a hearing about exactly this question, with Republican Senator Lindsay Graham of South Carolina threatening the tech companies that were present — Apple and Facebook — “You’re going to find a way to do this, or we’re going to do it for you.”
What proceeded in the Senate chamber was an example of an unstoppable force meeting an immovable object. The representatives tech companies present were insistent that this was an impossibility: Leaving the phones open for one person leaves them open for everyone.
Graham, his co-chair Democrat Senator Diane Feinstein of California, and two law enforcement representatives were united in their insistence that tech companies must leave a way for law enforcement to access some phones, while still encrypting the phones for everyone else. Part of the argument, as stated by Cyrus Vance Jr., the District Attorney for New York county, was that “third-party workarounds are cost-prohibitive” (see: the amount the FBI had to pay after San Bernardino).
Cellebrite, for its part, is staying mum on whether it will get involved this time but sent Digital Trends a statement saying, “With regards to the Pensacola investigation, as a global leader in digital intelligence and forensics, Cellebrite proudly supports our men and women of law enforcement, the private sector, and the military to protect the innocent … As you can understand, we cannot comment on any ongoing investigations.”