When a public interest group wants to create new legal precedent, its first step is to find a client with sympathetic facts. Civil rights groups often search for figurehead plaintiffs with impeccable characters and captivating life stories. The National Rifle Association searches for clients with strong gun safety records and compelling reasons to own guns. None of this is improper—it’s a strategic approach for cause-oriented litigation.
But the public may not realize that the government employs this legal tactic as well. And that’s exactly what is happening behind the scenes in the fight between Apple and the Federal Bureau of Investigation over the San Bernardino shooter’s iPhone.
Law enforcement has grown increasingly concerned with the prospect of intelligence “going dark” as technology companies use encryption on consumer products. These security measures help protect customers’ private information. But it often frustrates law enforcement. Until now, the federal government has freely been able to try to hack into any consumer product (including—yes—the iPhone) as long as it has a warrant. And the truth is that, despite what the FBI argues in its legal briefs, it likely still can.
Law enforcement has grown increasingly concerned with the prospect of intelligence “going dark.” What the FBI really appears to be worried about is the fast-approaching future when its best hackers will be stymied by powerful corporate encryption and security systems. Federal law, in its current state, is of little help. There is no precedent that will allow the government to force a private company to change its security systems so that the FBI can get inside and take a peek. In fact, the Communications Assistance for Law Enforcement Act could be interpreted to restrict the government from doing so.
The FBI has apparently decided that it’s time for federal law to change. So its officials have been searching for a particular case that would give them a shot at changing the established legal precedent. (Although FBI director James Comey has not said this is the agency’s motivation, he did acknowledge to a congressional panel in February that the outcome of the case would likely “guide how other courts handle similar requests.”)
The San Bernardino shooting case offers a promising avenue. The FBI has hitched its strategy to create legal precedent to a widely reported terrorist attack. Few people are concerned about maintaining the privacy of Syed Rizwan Farook’s iPhone; a lot of people are worried about national security. And so the FBI found a way to market its case to the general public as well as the courts and political leaders.
Few people are concerned about maintaining the privacy of Farook’s iPhone; a lot of people are worried about national security. The FBI wants to frame the case around one simple question: Does Apple have a legal and moral obligation to do everything possible to hold the people behind the San Bernardino attacks accountable, and perhaps even stop another terrorist attack?
But the facts behind the case tell a different story.
First, it’s Apple—not the FBI—that is advancing our national security interests in this scenario. There’s no way for the company to create a backdoor for the exclusive use of the FBI. Once Apple’s system is less secure, it has the potential to be exploited by criminals, cyberterrorists, and other countries. We will all be more vulnerable to data breaches and ransomware. And our nation’s companies will be vulnerable to corporate espionage.
Moreover, the FBI’s legal argument completely dodges a key issue: Whether it actually needs Apple to create a backdoor, or whether it already has the tools to access Farook’s iPhone. The FBI argues only that it shouldn’t have to exhaust its own resources before forcing Apple to compromise its operating system security. This is a bizarre omission, unless you’re paying attention to the larger point. Despite claims to the contrary, the FBI isn’t fighting for access to Farook’s phone. It’s fighting for a change in the law.
The FBI isn’t fighting for access to Farook’s phone. It’s fighting for a change in the law. Many high-profile cybersecurity experts have come forward to say they believe the FBI has the resources necessary to crack Farook’s iPhone. These include cryptosecurity researchers such as Bruce Schneier, former counterterrorism official Richard Clarke, and Edward Snowden.
Their confidence is based in part on Snowden’s revelations about the “ongoing campaign aimed at defeating the tech giant’s efforts to secure its products, and in turn, its customers’ private data.” They point to groups like the NSA’s Tailored Access Operations department, which is a cyber-warfare intelligence-gathering unit that monitors and collects information on computer networks.
Not only does the NSA have advanced technology and resources at its disposal, it’s also in the business of collecting and creating “zero-day” exploits, a name given to never-before-used penetration methods and hacks. These exploits are so valuable that a government contractor recently paid $1 million for an Apple iOS zero-day exploit (which was potentially resold to an unknown government).
Perhaps the FBI hopes that neither the courts nor the public will dig too deeply into the issue. But taking its legal argument at face value ignores the reality of law enforcement’s long-term strategy. This fight has very little to do with this phone or this act of terrorism. It’s about the next bank robbery in Cleveland, a drug ring in Miami next year, and a new money-laundering scheme in Seattle. The government is determined to create new precedent—messy facts be damned.
Jay Edelson is founder and CEO of national privacy law firm Edelson PC. Christopher Dore is a partner at Edelson PC. We welcome your comments at email@example.com.