The Apple-FBI Encryption Fight Has Been a Long Time Coming
Tech firms have hastened their use of encryption in recent years, so it’s no surprise tensions are coming to a head.
By Tom Risen | Staff Writer March 21, 2016, at 2:09 p.m.
The fight between Apple and the FBI over unlocking the iPhone of a terrorist is only the most visible front in Silicon Valley’s clash with police and government agencies over the recent and rapid expansion of encryption.
Back in 2014, Apple and Google both announced they would employ encryption on smartphones that would prevent the companies from being able to remotely access information stored on the devices. This earned the ire of the FBI, and has culminated in a court order for Apple to assist in unlocking the iPhone 5c of Syed Rizwan Farook, who was fatally shot by authorities along with his wife, Tashfeen Malik, after they killed 14 people in San Bernardino, California, in December.
The FBI and Apple were scheduled to meet on Tuesday in federal court in California, where Magistrate Judge Sheri Pym would hear witnesses for both sides regarding the tech giant’s request to have that order dismissed. However, the hearing was canceled late Monday after federal prosecutors said the FBI needed time to look into a different method of unlocking the phone that may not require Apple’s help.
The government instead will file a status report on April 5, according to The Associated Press.
FBI Director James Comey has criticized tech companies’ encryption efforts, arguing that law enforcement needs some way to access data on smartphones during criminal and terrorist investigations, and that the absence of that ability endangers lives.
Yet despite this government backlash and the court fight involving its competitor, Google’s latest Transparency Report states the tech giant is “working hard toward our objective of achieving 100 percent encryption” across its online services. The percentage of requests handled by Google’s servers that have used encrypted connections has spiked to 77 percent, up from 52 percent at the end of 2013, according to the report.
Still, the company acknowledged the difficulty of securing data connected to older devices.
“The vast majority of unencrypted end user traffic originating from a set of surveyed Google services comes from mobile devices,” the report states. “Unfortunately, these devices may no longer be updated and may never support encryption.”
A company spokesman also says the tech giant has received law enforcement requests for access to encrypted Android smartphones, but was unable to provide specific information about those requests.
A chart showing the percentage of requests to Google’s servers that used encrypted connections, without YouTube traffic included.
Along with Apple and Google, Facebook and Yahoo also have expanded their use of encryption in recent years, partly in response to details of broad spying conducted by the National Security Agency that were leaked to the press beginning in 2013.
Those leaks by former NSA contractor Edward Snowden pressured companies to reassure customers of their privacy, but the cybersecurity benefits of encryption additionally have motivated the growing use of such software by businesses, says Ross Schulman, senior policy counsel at the New America Foundation’s Open Technology Institute.
“What was game-changing about the NSA leaks was how they also made that extra security a commercial necessity, especially for international users now much less trusting in the U.S. or its companies,” Schulman says.
Even amid the current Apple-FBI fight, messaging service WhatsApp – which Facebook acquired in 2014 – reportedly is planning to encrypt voice calls on its global messaging service, and Facebook is considering more privacy features for its Messenger app, according to The Guardian.
“WhatsApp has been rolling out strong encryption to portions of its users since 2014,” Facebook spokesman Jay Nancarrow told U.S. News in response to these reports.
Indeed, while tech companies may have hastened their use of encryption in response to recent privacy threats, some have been erecting these online defenses since the 1990s.
Noah Theran, a spokesman for The Internet Association – a group that represents companies including Yahoo, Twitter, Facebook and Google – says encryption is needed to protect customer data against increasingly sophisticated hackers.
“Ultimately, without strong encryption, we are all less safe,” he says. “Strong encryption improves national security.”
Survey results published last week by technology company ZixCorp indicate that Americans also feel encryption is primarily a cybersecurity tool. Out of more than 500 respondents, 72 percent said that “security” is the word they associate most with encryption, while 25 percent said “privacy” and 4 percent said “threat.”
Comey has also noted the cybersecurity benefits of encryption technology, but he and other officials argue police and government officials should have a way to access the secured data. The court order for Apple to unlock its secure iPhone is the latest example of criticism directed at encryption that dates back to the 1990s and shows no signs of ending soon, says Alexander Abdo, a staff attorney with the American Civil Liberties Union.
“The government appears unwilling to accept what security professionals say in a near perfect consensus, which is that there’s no such thing as a backdoor that only the government can use,” he says. “If you force tech companies to build backdoors, everyone will come knocking.”
Updated on March 21, 2016: This story has been updated to include new developments in the Apple-FBI court battle.