Our phones store private conversations, photos, and contacts – sensitive data which reveals a lot about our private lives.
A very interesting case recently brought this into the spotlight in the USA. It sounded like an action film: secret service agents, the threat of terrorism, flashy gadgets. But it involved real people’s rights. Here’s what’s happening in the US and how we protect privacy in the UK.
First, a bit of background…
In December 2015, Syed Rizwan Farook and Tashfeen Malik – a married couple – carried out an act of terrorism: a mass shooting in San Beranrdino, California. The shooting left 14 people dead and 22 seriously injured. Farook and Malik fled and were killed by the police.
The US intelligence and security service, the Federal Bureau of Investigation (FBI), found Syed Farook’s iPhone 5c and wanted to search it. But the FBI was unable to unlock the phone because it was encrypted – protected by a passcode.
The FBI didn’t know the passcode for Farook’s iPhone, so it asked Apple Inc. (the maker of the iPhone) to help it break into the device. Apple refused. The FBI took Apple to court.
What happened at court?
A judge in the United States ordered Apple to help the FBI break into Syed Farook’s iPhone. You can read the court’s order here.
The FBI wanted to avoid erasing any personal data on the phone, which the device would do automatically if a number of failed attempts were made to unlock it. The FBI wanted to use computers to rapidly try passcodes until they found the right one, so the FBI wouldn’t have to manually test thousands of possible combinations. The FBI also wanted Apple to remove the function which locks the phone temporarily when an incorrect passcode is entered.
The FBI did not ask to know how the software worked. It could be installed at an Apple facility, it would only be known to Apple, and Apple could choose to destroy it.
So what’s the issue?
Bypassing data security features is dangerous, because in the wrong hands the software could be used to unlock anyone’s iPhone and access their data, which could compromise people’s personal security.
There are no guarantees the US government would use the technology only in relation to Syed Farook’s iPhone. It might set a precedent, giving the government authority to force Apple (or other influential companies like Google and Facebook) to hand over the keys to millions of people’s personal data.
Did it set a precedent?
It seems that Apple had good reason to be concerned. Reports are emerging that the FBI is now asking for Apple’s help to break into phones relating to several other cases. At least two do not directly involve terrorism:
- A request to break into the iPhone of a major drug dealer in New York (this iPhone is running an older version of Apple’s operating system, so the hacks previously used won’t work); and
- A request to help in a gang-related case in Boston. Recent reports indicate that a US judge has ordered Apple to assist in extracting information from the phone.
How is privacy protected in the UK?
This is an important right, but not an unqualified one. When it is necessary to protect national security, the right to privacy can be restricted. However, while trying to achieve this aim, the State’s actions must be the least restrictive of people’s rights.