The controversy over Apple’s refusal to help unlock the San Bernardino killer’s iPhone is not surprising. Ever since Edward Snowden revealed that the agencies that America pays to keep tabs on what is going on in the world actually do their jobs, technology companies have been at pains to divorce themselves from any involvement with these agencies. There is a simple rationale: if a company is shown to assist the US government, it is exposed to backlash from those who do not want the US government to have access to their information or who do not like the idea of the government having such access. There are also additional concerns about having any sort of backdoor in a system. The more doors in a system, the more vulnerable that system is. Either concern could cost a company. If competitors arise that protect consumer information significantly better than others, it will certainly be at an advantage compared to those that permit a group like the FBI information access.
So now we are at a point where the major tech companies are choosing to refuse to help the US government in any way in the search for consumer data. Specifically Apple, obviously, but this case could set the new paradigm. Apple is already working on an OS update that will block even itself from any data access. Others will follow.
It is important to point out at this point that the actual FBI request is flawed severely, and should not be acceded to. I suggest reading this post by Jonathan Zdziarski for the details of why what the FBI requests and the way they want it is probably very dangerous. However, let us pretend for the sake of the privacy vs security concept that what they are requesting was not flawed and disingenuous. What then?
The issue then would be if Apple helps now, they will be expected to help in the future. Other governments in other countries will know the FBI OS version exists and may order Apple to provide it to them too. But Apple and the big tech companies don’t want to help the government at all. They don’t want to have to deal with this issue ever again. One Snowden revelation was enough trama to their public image. Additionally, they don’t want ANY government to ask for their help. Thus, the line in the sand by Apple.
I think that sand has more imagery to use in this public debate. That of burying one’s head in the sand. That is what I think Apple and the tech world is trying to do here. They want out of being involved. But they are involved and always will be involved. Government needs to be a part of wherever the people who elect it are. Today, that includes the interconnected internet of things and phones and PC’s and just about everything else. I like making individuals more responsible for their own lives, but some things we as a nation need to work together and share burdens in a universal and organized manner, and so we make those organizations and keep them regulated and we call the whole bunch of organizations we have done this with our government. And if Apple or any other company thinks they get a free pass to duck civic involvement they are wrong. We accord corporations extensive rights and liberties; the corollary is the responsibility that goes with it.
What if we favor the privacy side? If all communications and digital information becomes locked off from the reach of the law and government as privacy outpaces decryption, will those who won the debate take responsibility for the results? Terrorist attacks coordinated in perfect secrecy? Child pornography shared without significant risk? And when the incidents and the deaths and the tragedies accumulate, people will shout at the agencies they entrusted to fight such things and they will just shrug and say, “you took away our ability to do our job. Too bad.”
Then there is the security side. We could also go and say that, well, gee, that sounds awful, so give these agencies anything they want. And then you have 50 devices you use in your home every day 20 years in the future – and every one of them is monitoring your every waking minute. Clearly that is not good either. Absolutely not, no thanks.
The best solution is somewhere in the middle. A company like Apple should engage with the FBI to bring justice for a killer’s victims. It should also not be subject to fishing expeditions from zealous agents. Apple should not compromise the security of every Apple user to make an agency’s life easier. But it should also not pretend it can say “we’ve made our OS so secure no one can ever find out anything stored on an Apple product. Oh, there’s a nuclear bomb hidden in the city strapped to an iPhone? Let’s put our hands over our ears, la la la, we can’t hear these bad things, la la la…”
I invite you as a reader to do a similar thought experiment. Go ahead and think of the things that a tech company ought to be able to, whether every day or in extremis, with the products it makes. Think of what the FBI ought to be able to access and not access. Consider those lists. Think of where they clash. Think of where they harmonize. Then compare that to the future alternatives outlined above. I would imagine that, like me, you will lean more towards a middle path. I like privacy, but closing the tech world off from government is a bridge too far. When it is suggested that this issue needs to be settled in Congress, well, that sounds about right. The FBI has not helped themselves with the details of their request. In fairness, they seem at a loss for another way to get at the phone data, even though the legal requirements that accompany what they want torpedo its reasonableness. But Apple is not doing itself many favors with an “absolute privacy” stance either. This is a national issue, and needs to be settled by Congress.