Over the past fortnight, our Twitter feed has been filled with commentary on the ongoing battle between Apple and the FBI over the iPhone used by Syed Farook, the San Bernardino shooter who along with his wife, Tashfeen Malik, killed 14 people late last year. Given that this is a highly debated topic with polarising viewpoints, this week on the blog we thought we would explore both sides and allow you to determine where you stand.

After the December 2 shooting, the FBI seized a number of the couple’s possessions, one of which being Farook’s iPhone. The phone is locked with a pin code, preventing access to its data, which the FBI purports will be of value to its investigations. In an additional security measure, Apple iPhones are automatically wiped of all data if the incorrect pin is entered more than ten times in a row, thereby preventing access through repeated attempts at guessing the pin.
As a result, the tech giant has been issued with a court injunction mandating it create a way around this feature, thereby enabling the FBI unlimited opportunity to access the phone through brute force methods, which involve using a computer to continuously try different code combinations as a process of elimination. Apple’s response has been firm, with an unwavering refusal to comply, citing the potential privacy consequences that may arise if such a precedent is established.

This case therefore begs the question, which is more important: security or personal privacy? We unpack the issue below.

The case for security

The position of the FBI as a protector of the community is evident, with the law enforcement agency seeking to identify the motive and means by which this terrorist act was carried out, believing that phone data holds a vital key in their investigations. Director James Comey said in a blog post last week that the FBI owes it to the victims’ families to be thorough and professional, and to follow all leads, thereby warranting access to Farook’s iPhone and cooperation by Apple to achieve this (Comey, 2016).

Further, the FBI insists that the disabling of the auto wipe on the iPhone will be done on a case by case basis only, with no intention of using such a feature except in the most serious of circumstances, of which this is argued definitely qualifies. Therefore, the privacy concerns outlined by Apple are deemed to be irrelevant, as everyday citizens would not have anything to fear, provided that they are not engaging in illegal behaviour.

The case for personal privacy

In contrast, Apple CEO Tim Cook has responded by penning an open letter to customers (which you can read in its entirety here) warning of the dangers of creating a legal precedent that gives law enforcement agencies the power to bypass specifically designed security features. While the FBI has argued its use will be limited to the San Bernardino and similar cases, this is unable to be guaranteed.

Cook highlights that our increasing reliance on smart devices to store personal information necessitates encryption and that consumers have an expectation that their data is protected. Should Apple build what it has labelled is essentially a defect, it would defeat the purpose of such strong security mechanisms. Moreover, should this tool fall into the wrong hands, every iPhone user faces a serious risk of identity theft.

Cook’s concerns are echoed by Google CEO Sundar Pichai, who shared apprehension about the repercussions of establishment of a legal precedent, however welcomed further discussion on what is a topical issue in an age where we are so digitally dependant (Saarinen, 2016).

Interestingly, this case bears striking similarity to the discussion that ensued when metadata retention laws were coming into effect in Australia last October (see our blog post on the topic here). Law enforcement agencies
argued that access to data on phone and internet use would aid in criminal investigations, while many telcos and civil libertarians opposed the legislation based on privacy concerns.

The inevitability of this issue is undeniable given our current state of constant connection. In a debate in which the two stances appear to be polar opposites, we must ask ourselves how we seek to strike a balance, as we will undoubtedly be faced with a similar case in the not too distant future.

References

Comey, J, 2016, We could not look the survivors in the eye if we did not follow this lead, https://www.lawfareblog.com/we-could-not-look-survivors-eye-if-we-did-not-follow-lead
Saarinen, J, 2016, Apple defies FBI’s unlock iPhone order, http://www.itnews.com.au/news/apple-defies-fbis-unlock-iphone-order-415325

What are your thoughts on this? Do we as consumers have the right to our personal privacy being upheld by companies like Apple, or are there circumstances in which security overrides this? Tweet us at @DataUPAus today to start the conversation.