The Texas Rangers (the law enforcement agency, not the baseball team) investigating the tragic mass shooting at a Baptist church in Sutherland Springs, Texas, have served Apple with a search warrant in an attempt to gain access to information from the shooter’s iPhone. The device is one of two reportedly found at the scene, Techdirt notes, a “‘blood spattered’ Apple iPhone SE” and an “older push-button LG.”
The reason Apple gets a search warrant and LG doesn’t is that there are security differences between the two devices: Even if it’s password-protected, data on the LG is likely accessible with the right technical know-how because of the phone’s age and relative simplicity. But the iPhone is encrypted, which means no one — not even Apple — can access the great bulk of its data without the shooting suspect’s login information.
That distinction is significantly important, as we learned nearly two years ago when the FBI sought access to an iPhone owned by the suspects in the San Bernardino shooting. Here’s what I wrote then on the broad impact of investigators’ demands:
[The FBI’s request is] about overriding the iPhone’s default setting of wiping all personal data after 10 consecutive failed login attempts. “That Apple is just as blind to your photos and texts as the FBI also helps explain the unique nature of the court request,” Ryan Derballa explains at Wired. “Rather than impel Apple to unlock the phone, the FBI wants Apple to help it develop a way to ‘bruteforce’ the password — guess until it finds a match — without triggering a mechanism that deletes the key that decrypts the data.”
Nevertheless, the stakes are high enough to be plenty worrisome for civil liberties advocates, as well as for Apple’s status as a business its customers can trust to keep their data safe.
“What the FBI wants here is more like a golden key that would allow access to private data decoding encrypted material,” says Nathan Leamer, a policy analyst at the R Street Institute. “Yet make no mistake, this situation gets at the heart of the concern over the need for strong encryption and data protection.”
The concerns civil libertarians raised then are all still relevant now.
The unintended consequences that come with increased digital vulnerability remain certain. “Once created, the technique could be used over and over again, on any number of devices,” Apple’s Tim Cook wrote in an open letter in response to the San Bernardino situation. “In the physical world, it would be the equivalent of a master key, capable of opening hundreds of millions of locks — from restaurants and banks to stores and homes. No reasonable person would find that acceptable.”
The constitutional issues are also just as pressing. Call me cynical, but I don’t see a scenario in which creation of this “golden key” doesn’t lead to expansions of the surveillance state in violation of the Fourth Amendment’s privacy protections. Furthermore, while the Fourth Amendment does authorize warranted searches, it is quite a stretch to say that includes the power to compel the unwilling labor of private citizens, as forcing Apple to break its own encryption would entail.
Oh, and on a practical note, the FBI eventually found a way into the San Bernardino suspect’s iPhone without Apple’s help.
In this case, Apple can comply with some of the Rangers’ demands without creating anything like a master key, because the search warrant asked for information available from the shooter’s iCloud account, if he had one. Apple can and, as a matter of policy, does access some of that data for law enforcement when served with appropriate warrants.
The trouble is, the Rangers (and the FBI, which is working on the investigation as well) also want access to the phone itself “to dig into [the shooter’s] messages, calls, social media applications, passwords, address books, photos, videos and data since Jan. 1, 2016,” as the San Antonio Express-News reports. That means we’re back in golden key territory, and the FBI may once again attempt to use this heart-wrenching case as high-profile leverage in its misleading campaign against secure encryption.
Apple stood up to the FBI the last time that happened, and it must do so again.