Congressman Ted Lieu (D-Los Angeles County):
The terrorist attack in San Bernardino was horrific and the tragic loss of innocent lives demands a strong response. I have several deep concerns, however, about the unprecedented court order that forces Apple to create software it does not have in order to provide a “back door” way to weaken its smartphone encryption system.
This FBI court order, by compelling a private sector company to write new software, is essentially making that company an arm of law-enforcement. Private sector companies are not—and should not be—an arm of government or law enforcement.
This court order also begs the question: Where does this kind of coercion stop? Can the government force Facebook to create software that provides analytic data on who is likely to be a criminal? Can the government force Google to provide the names of all people who searched for the term ISIL? Can the government force Amazon to write software that identifies who might be suspicious based on the books they ordered?
Forcing Apple to weaken its encryption system in this one case means the government can force Apple—or any other private sector company—to weaken encryption systems in all future cases. This precedent-setting action will both weaken the privacy of Americans and hurt American businesses. And how can the FBI ensure the software that it is forcing Apple to create won’t fall into the wrong hands? Given the number of cyberbreaches in the federal government—including at the Department of Justice—the FBI cannot guarantee this back door software will not end up in the hands of hackers or other criminals.
The San Bernardino massacre was tragic but weakening our cyber security is not the answer – terrorism succeeds when it gets us to give up our liberties and change our way of life. We can take common sense security measures without trampling on privacy rights.
Congressman Lieu makes four points:
I’ve argued that a device-limited time-limited special version of iOS would benefit the FBI in its San Bernardino terrorism investigation while limiting all of the concerns including establishing a precedent and losing the security-weakened operating system would-be criminals. The security-weakened iOS operating system would only work on the iPhone 5c and would self-destruct within a time limit. But from what I have read today that is not what the FBI wants. According to Matthew Panzarino, writing for TechCrunch, the FBI wants a backdoor for all iPhones:
The executives — speaking on background — also explicitly stated that what the FBI is asking for — for it to create a piece of software that allows a brute force password crack to be performed — would also work on newer iPhones with its Secure Enclave chip. Our previous reporting had included statements to this regard, but it’s worth reiterating. This is a battle Apple is fighting for all iPhones, not just older models.
If this is true, #3 is true. The FBI is trying to set a precedent with Apple: if the FBI or other government agency convinces a judge to give an order to a private sector company to weaken security for the purpose of an investigation the private sector company must comply. There is no law at the moment, but that might change. Ashley Carman at The Verge:
But Congress could throw a curve ball into the whole process by passing its own encryption bill that could mandate companies to build devices with backdoors built in. While the order affecting Apple impacts only one device, a Congressional law would impact devices across all brands. Cardozo believes this possibility is part of the FBI’s motivation for carrying out the order through a public court, as opposed to under seal.
Nate Cardozo is staff attorney at the Electronic Frontier Foundation. The FBI wants public pressure on Apple as well as on Congress. What happens to security and to privacy hinges on what happens in this fight between the FBI and Apple. With new information that the FBI is wanting a iPhone backdoor for all iPhones I am leaning toward supporting Apple standing firmly against being coerced into developing a security weakened version of iOS.