MALIBU – The U.S. Justice Department may have backed out of its legal showdown with Apple this week, but the question of how far law enforcement can go to get private companies to compromise their encryption technology remains an open question.
“With privacy law, there’s always a problem of technology outpacing the law,” Victoria Schwartz, an associate professor of law at Pepperdine University, told the Northern California Record. “Can the government require a private corporation to write code on its behalf? This is still an open question.”
The Apple-FBI court case began in the wake of the terrorist shooting rampage in San Bernardino in December that left 14 dead. The FBI served the California technology firm with a court order earlier this year that required it to write a software program that would unlock the work phone belonging to shooter Syed Rizwan Farook, an environmental health specialist for San Bernardino County.
Apple balked at complying with the order, saying that such software did not exist and that providing it would potentially undermine the security of Apple’s iPhones because they would be at greater risk of being hacked by government agencies.
Schwartz noted that Apple has set itself apart as a company that consumers who are concerned about personal data privacy can depend on.
“If the government forces them to write the code, Apple couldn’t advertise it as uncrackable,” she said, adding that such an outcome tends to compromise the company’s business model.
The Justice Department’s filing this week said that it no longer needed Apple’s help in getting around the encryption protections in the iPhone’s software because a third party provided a way to hack into the phone and allow FBI investigators to review its contents. That essentially gave Apply a legal victory in the end, but key legal issues in the debate over privacy and technology remain to be sorted out.
Schwartz said that in the Apple-FBI case, the company was not being asked to simply hand something over to investigators but instead was being told to write software that would have widespread future consequences.
“Imagine them telling a restaurant to cook a certain food – or telling a company to do something it otherwise would not do,” Schwartz said, adding that the government’s goal was always to create a legal precedent for the future to gain access to encrypted data.
From Apple’s perspective, if it complied with the Justice Department’s order, it might be forced to perform similar actions in other countries where it does business, such as China.
In another case involving Apple and government efforts to get data from a drug dealer’s iPhone in Brooklyn, Apple won an initial round in court, but the government is appealing. Schwartz said that the Brooklyn case could set up another high-stakes showdown in court.
Typically, hackers and technology companies spar with each other over encryption, with one side or the other gaining and then losing ground in a continuous back-and-forth, she said.
Lawmakers have also been drawn into the fold. California Sen. Dianne Feinstein, for one, favors drafting legislation that would force companies to comply with court orders for encrypted data – something Schwartz says would give the FBI what it sought in the San Bernardino case. She added that it’s unlikely that Congress would be the best venue for an ultimate solution in the technology privacy debate.
“The lines won’t be drawn in Congress, but in the courts,” Schwartz said.