When the U.S. Department of Justice (DOJ) obtained a court order compelling Apple Inc. to assist FBI agents in cracking an iPhone 5C used by San Bernardino terrorist Syed Rizwan Farook, the stage was set for controversy. So when Apple refused to comply, long-simmering concerns came to the fore. At issue is balancing the dynamic—and often competing—issues of privacy, law enforcement and security.
In the weeks that followed the court’s order, America engaged in a spirited public conversation. Social media, editorial pages, television and radio talk shows all were consumed by a debate of seemingly irreconcilable views.
Then, on March 29th, the U.S. DOJ v Apple controversy came to an abrupt halt, when the DOJ filed a status report in the U.S. District Court, asking the court to vacate its order. The status report stated:
The government has now successfully accessed the data stored on Farook’s iPhone and therefore no longer requires the assistance from Apple Inc. mandated [by the court’s original order].
With that document, the FBI ended the standoff—leaving no legal precedent in its wake.
After the Standoff
In the wake of the U.S. DOJ v Apple, then, there ended up being no landmark court decision offering clear guidance and setting legal precedent for similar matters. Nevertheless, this highly visible dispute has advanced the discourse, altered the policy landscape and spurred technological developments related to privacy, encryption and security matters.
The major impacts are as follows:
Increased public awareness of government surveillance, encryption technology, data privacy practices and cybersecurity practices
When Edward Snowden’s extensive disclosures of classified government documents became front-page news in 2013, Americans gained a new understanding about the extent of domestic surveillance activities. Although U.S. DOJ v Apple’s underlying fact pattern is markedly different from the Snowden matter, this recently concluded case has similarly invigorated public awareness of privacy issues.
The case took discussions about encryption out of the “geek” realm and made these concerns an issue for all of us—issues that once seemed abstract and intangible were suddenly real and close to home. With so personal a device at the heart of this dispute, these once abstract matters became issues the public could grasp, both literally and figuratively. What’s more, these issues could come to mind every time an iPhone user answered a call, sent a text or accessed an app.
Both law-breakers and lawmakers now know more about the iPhone’s capability for protecting digital communications—and about the newly disclosed chink in the iPhone (the 5C model, at least) encryption armor. The broader issues, however, transcend any particular manufacturer, mobile device or software platform; they impact us all…
A renewed intensity in the “arms race” for encryption (and breaking encryption)
There’s an arms race among the players with a stake in the outcome of the ongoing contest between privacy interests and security interests. Technology manufacturers, government bodies, hackers, privacy advocates, foreign governments, law-enforcement agencies, businesses and private citizens all have a portfolio of interests in how the encryption battles ultimately are resolved. Apple (which has promoted its brand’s resistance to hacking) has every incentive to quickly discover the vulnerability that allowed its iPhone to be hacked and to develop yet stronger encryption algorithms. Similarly, other technology companies (some of which filed amicus briefs in support of Apple) are striving to improve their encryption capabilities.
Growing concerns among law enforcement and national security agencies
On the other side, law enforcement and national security personnel see compelling interests in being able to defeat encryption. These officials express growing concerns about the number of companies “going dark” (engaging in cybersecurity practices that effectively prohibit outside intrusions, both from cyber-criminals and law enforcement agents).
“It remains a priority for the government to ensure that law enforcement can obtain crucial digital information to protect national security and public safety, either with cooperation from relevant parties or through the court system when cooperation fails,” DOJ’s spokeswoman Melanie Newman said. “We will continue to pursue all available options for this mission, including seeking the cooperation of manufacturers and relying upon the creativity of both the public and private sectors.”
“Washington and Silicon Valley have a tense relationship right now…” said Fred Kaplan, Slate columnist and author of The Dark Territory: The Secret History of Cyber War.
Action in Congress, as well as the courts
“This conflict is not over; there will be another case. At some point, the courts are going to have to decide,” said Fred Kaplan, Slate columnist and author of The Dark Territory: The Secret History of Cyber War.
Meanwhile, there is growing sentiment that encryption and privacy issues should be settled by elected officials, and not by courts. Consequently, encryption matters now are gaining ascendency on Congressional agendas. Two bills, in particular, are under discussion:
The McCaul/Warner bill (considered to be a “moderate” approach) proposes establishment of a commission, composed of experts in technology, civil liberties and law enforcement, to make policy representations. Co-sponsors are House Homeland Security Committee Chairman Rep. Michael McCaul (R-Texas) and Senate Intelligence Committee member Sen. Mark Warner (D-Va.).
The Burr/Feinstein bill, in contrast, would seek to provide federal judges with the power to compel tech companies to assist law enforcement agencies in accessing encrypted data. (A recent story in Reuters reported that the proposed legislation does not create specific penalties for non-complying companies, leaving this discretion to individual judges.)
Which bill is more likely to gain traction? Here’s one view:
“The Burr/Feinstein bill, which is sure to be widely reviled by the tech industry, digital rights advocates, and reasonable policymakers alike, is likely to be the poster child for just the sort of knee-jerk legislative response that the commission idea is intended to block.”
-Kevin Bankston, director of the Open Technology Institute
It’s also worth noting that The House Energy and Commerce Committee and the Judiciary Committees recently formed a joint working group on encryption. Although the San Bernardino iPhone case is no longer in play, the encryption issues raised by U.S. DOJ v Apple are far from being resolved.
“… there’s every reason to expect that there will be another phone with a similar issue very soon… There’s already a bunch of other phones on lesser cases that are in dispute right now. Everyone expects that this fight will only continue.”
-Devlin Barrett, who covers the Justice Department for The Wall Street Journal.
For the time being, anyone with an older version iPhone (the 5C) should know this: at present, it is unclear whether the hackers exploited a software bug or discovered a flaw in the phone’s hardware design. What is clear? At least one third-party (and now, the FBI) has the ability to thwart the encryption on their device. Unless, and until, Apple has a way to “patch” this vulnerability. Only time will tell…
For more industry insights and a comprehensive resource for salaries in the legal industry, get the Special Counsel 2016 Salary Guide.
Attract & Retain Top Talent
With a rapidly changing industry, it's vital to offer the right compensation and set the right expectation. With our 2017 Salary Guide, get detailed job descriptions, industry insights and local salary data to equip your managers with hiring confidence and expertise.Get your copy »