Saturday, February 20, 2016

Apple vs the US Government

This is a political post.

I spotted in the news that Apple has decided to fight a court order to assist the government in unlocking an iPhone. This on it's face would be wrong, privacy and all that, except the phone belonged to the man who killed fourteen people at the San Bernardino County Department of Health, and may be instrumental in figuring out what happened. What you might call, mitigating circumstances. Even if the phone contains nothing, and that is a possibility, it behooves the investigators to check and be sure.

Then there is what the government is asking for, which Tim Cook seems to want to categorize as a backdoor, but when you look at it, probably isn't. I understand why they're 'standing' up to the government. In the hyper competitive business environment they exist in, they're in an extremely vulnerable position as the perceived luxury brand. Other firms can do what they do, and charge less for it. But, they can work there luxury hook by exploiting their also perceived existence as the one major tech giant who is NOT packaging and selling your personal data to make its profits. We're the good guys, do business with us! And Cook has mounted his argument the idea that this is a slippery slope involving phone security that we shouldn't start down.  

Only there is a problem. Technically, and since this really is a technical issue this is important, Tim Cook's argument is wrong. 

Now, let's be clear here, I believe in consumer privacy and would not want a backdoor or master key created which would allow someone to access my phone without my permission. Ever. And since this is the one phone the alleged shooter didn't try to destroy, there probably is little evidence here that might be useful. But even so, I think the government has a reasonable interest in the contents of the phone if only out of procedural and professional thoroughness. And maybe that Apple is being just a bit oversensitive.

Okay, to explain myself, when I say Tim Cook's argument is wrong its that he makes it sound like the government is asking for a backdoor to built into all future Apple devices so that they can access them when they need to, hopefully meaning only when they have a court order. But this isn't what the government is asking for. And Cooks more nuanced "actual argument" that the government would use this single copy of the software to reverse engineer their own master they couldn't just buy a phone and do it if they really wanted just hyperbole. Actually considering what they're asking for, they should have just requested an actual backdoor. It would be simpler.

You see, what the government IS asking Apple to do is to build a custom version of their 9.0 software to use on that single phone that disables two security features, but don't actually unlock the phone. The first feature the government is trying to circumvent is the auto erase after ten unsuccessful access attempts. The second part is the time required between entry attempts, which increases after five tries. What this will allow the government to do is essentially try every combination until they get it, a brute force solution. By the way, if the phone has an eight digit code it could still take years. Many, many hundreds of years. For some reason, Apple and Cook want to classify that as a backdoor. It's not. It's not even a particularly effective access tool. And the other weird part is, this requested version of software that might still take hundreds of years to work is only that little tiny bit of effective on this particular older model of the phone, not the newer products. A change in the architecture of the iphone 6 (which certainly also will exist on the iphone 7) makes this particular method which is already just about useless, the argumentative equivalent of railing against not giving a spoon to somebody hoping to empty the Atlantic. This particular technical question isn't even really a question going forward. Makes you wonder what this argument is really about.
Is this really a corporate defense of an unsettled privacy issue caused by advances in technology that the law hasn't had time to adapt to? As we go forward, and with our growing reliance on technology - specifically cell phones - we should be drawing bright lines where possible as to what can and cannot be searched without just cause. Only narrow slice of law doesn't really apply here. Is this an attempt to check the limitations of court powers on trade secrets and intellectual property? We already have legislation and precedent here. Maybe it's addressing a future collision of two areas of law that will only get worse as our lives get more intertwined with technology going forward? Striking a balance between the new services business model technology is moving towards with police power is important with regards to individual privacy, but I'm not sure this is the case to attempt to prove a point.  Or is it a marketing ploy to help polish the company image? Very likely.

Because this story still has a number of things which make the larger arguments seem like distractions, not legal thought abstracts.

What the government suggested was that the custom version of the software that Apple would have to build under the court order be constructed to only operate on a single device. It seems a smart compromise. But it's here that Apple raises it very real concern about reverse engineering on the part of the government for future use. Or it would been a real concern about their motives, if the government hadn't offered to let Apple create and install the software, KEEP THE PHONE, and then send their attempts to unlock it to Apple remotely. The company gets total control, and the authorities get the suspects data. But Apple said no. It could be that I'm missing something, but it sounds like the government is trying to be accommodating to industry concerns and just getting stonewalled on principle. I'm starting to kind of get the impression Apple wanted to call attention to this make a philosophical point. Which is weird.

Because our friend Apple uses a closed system, allowing only programs they have taken apart and approved on their company products. This will continue for the foreseeable future. Their products, as a default, track a sinful amount of your data. And so, the company that as a policy disables YOUR phone remotely for using third party repairs, now has the idea that YOUR phone and YOUR data are somehow now sacrosanct in the eyes of the law.

But apparently this idea only applies to the government and not the company itself.

One loathes to use the term hypocrite....but Apple is being a hypocrite here. Which undermines any grand philosophical point they might be trying to make. And while I applaud their effort, and the idea of individual privacy, they may have chosen the wrong horse to ride to glory here.

(Full disclosure: I have an Ipad. And I like it.)

No comments: