By William Palisano
There are no easy answers in the ongoing national debate over mobile device security, after a federal magistrate in California approved an order compelling Apple to unlock the iPhone 5c belonging to the late terror suspect Syed Rizwan Farook, one of two individuals responsible for a mass shooting in San Bernardino on Dec. 2, 2015. Specifically, Apple is under pressure from the federal government to create a “backdoor” for the iPhone’s operating system that would allow the government to bypass security encryption measures to gain access to the phone’s data.
On one hand, for the purpose of national security, if information obtained from a recovered cellphone can help in any way to prevent additional terror attacks or violent crimes from taking place, it would be difficult to argue that there’s no merit to the exercise. On the other hand, forcing Apple to create a security vulnerability that would enable the government, and likely others, to tap into Americans’ most personal information for whatever purpose is decidedly in opposition to the freedoms we hold dear.
The FBI claims that the process it’s requesting of Apple is specific to Farook’s phone, and only that phone. Taking a very public stance, Apple has responded that this outlook is a misinterpretation of data security realities – that once created, such a process “could be used over and over again, on any number of devices,” likening the situation to “the creation of a master key, capable of opening hundreds of millions of locks.” Apple is right.
Tech companies have spent billions on protecting your data because every day a new enemy arises intent on stealing it. Were Apple to create the “backdoor” entry into people’s personal mobile devices, it would open a window for bad actors out there to exploit – and there are many definitions for “bad actors,” including domestic and foreign.
The legal battle that is shaping up will be one that all Americans should watch closely. Apple’s newest operating system is intentionally encrypted so that even Apple, without the proper passcode, does not have access to the personal information on any given device. By asking Apple to usurp that security, the government seeks to set a very dangerous precedent that would quickly affect all other technological platforms.
Is there a workaround to the investigation itself? There is: Apple under court order can break into this one phone (and perhaps others in the future under separate, specific court orders) and present the information to the government without giving away the keys to the privacy kingdom. As a company that has provided data security services for over 20 years, we cannot argue with Apple’s defense of its customers’ security.
William Palisano is president of Lincoln Archives, a Buffalo information management and data protection company.